piggo
pigondrugs.bsky.social
I shear alpacas and try to defend the internet from malware
~Trendmicro~
Trend Vision One demonstrated strong performance in the 2025 MITRE ATT&CK Evaluations emulating Scattered Spider and Mustang Panda.
-
IOCs: (None identified)
-
#ATTACK #MITRE #ThreatIntel
Trend Vision One in 2025 MITRE ATT&CK Evaluations
www.trendmicro.com
December 10, 2025 at 5:08 PM
~Sentinelone~
Chinese security firms use cyber ranges and 'attack-defense' exercises to train offensive talent for state-linked cyber operations.
-
IOCs: (None identified)
-
#China #CyberRanges #ThreatIntel
China's Cyber Ranges Fueling Cyber Operations
www.sentinelone.com
December 10, 2025 at 5:07 PM
~Elastic~
Researchers detail NANOREMOTE, a new Windows backdoor linked to FINALDRAFT that uses the Google Drive API for C2 and data exfiltration.
-
IOCs: (None identified)
-
#Malware #NANOREMOTE #ThreatIntel
NANOREMOTE: New Windows Backdoor Abuses Google Drive API
www.elastic.co
December 10, 2025 at 5:04 PM
~Checkpoint~
Analysis of ValleyRAT reveals a kernel rootkit bypassing Windows 11, with a leaked builder causing a surge in its use.
-
IOCs: sun-rat. com
-
#Rootkit #ThreatIntel #ValleyRAT
ValleyRAT: Builder Secrets & Kernel Rootkits
research.checkpoint.com
December 10, 2025 at 5:02 PM
~Trendmicro~
Critical RCE vulnerability in React Server Components is actively exploited in the wild by multiple malware campaigns (Mirai, Cobalt Strike).
-
IOCs: 193. 34. 213. 150, 154. 89. 152. 240, 107. 174. 123. 91
-
...
React2Shell (CVE-2025-55182) Exploited In-the-Wild
www.trendmicro.com
December 10, 2025 at 12:38 PM
~Socket~
A new Rust RFC proposes adding a 'Security' tab to crates.io pages to display vulnerability advisories from RustSec.
-
IOCs: CVE-2025-62518
-
#Rust #Security #SupplyChain #ThreatIntel
Rust RFC Proposes Security Tab on crates.io
socket.dev
December 10, 2025 at 12:37 PM
~Paloalto~
A new multi-platform (Windows/Linux) ransomware named 01flip, written in Rust, is targeting organizations in the Asia-Pacific region.
-
IOCs: proton. me, CVE-2019-11580
-
#Ransomware #Rust #ThreatIntel
New 01flip Ransomware in Rust
unit42.paloaltonetworks.com
December 10, 2025 at 12:34 PM
~Cofense~
Threat actors are abusing the legitimate AI tool NoteGPT to host links that redirect victims to Microsoft credential phishing pages.
-
IOCs: arc. stylized. it. com
-
#NoteGPT #Phishing #ThreatIntel
NoteGPT Phishing Campaign
cofense.com
December 10, 2025 at 12:31 PM
~Trendmicro~
Trend Vision One integration with AWS Security Hub centralizes cloud security findings for unified visibility and faster response.
-
IOCs: (None identified)
-
#AWS #CloudSecurity #ThreatIntel
Trend Vision One & AWS Security Hub Integration
www.trendmicro.com
December 10, 2025 at 4:06 AM
~Microsoft~
Malicious npm packages execute during pre-installation to steal credentials from developer environments and CI/CD pipelines.
-
IOCs: (None identified)
-
#ShaiHulud #SupplyChain #ThreatIntel #npm
Shai-Hulud 2.0 Supply Chain Attack
www.microsoft.com
December 10, 2025 at 4:03 AM
~Cisa~
Pro-Russia hacktivists are exploiting insecure, internet-facing VNC connections to attack OT systems in critical infrastructure.
-
IOCs: (None identified)
-
#Hacktivism #OT #Russia #ThreatIntel
Pro-Russia Hacktivists Target Critical Infrastructure
www.cisa.gov
December 10, 2025 at 4:01 AM
some weird lures with an obvious domain name?

microsoft. myluresevil .win
December 9, 2025 at 9:03 PM
~Socket~
Typosquatted Rust package 'finch-rust' uses a hidden, unpinned dependency to steal developer credentials from config files.
-
IOCs: rust-docs-build. vercel. app
-
#Malware #Rust #SupplyChain #ThreatIntel
Malicious Rust Crate 'finch-rust' Steals Credentials
socket.dev
December 9, 2025 at 8:06 PM
~Cisa~
CISA adds actively exploited WinRAR (CVE-2025-6218) and Windows (CVE-2025-62221) vulnerabilities to its KEV catalog, requiring federal remediation.
-
IOCs: CVE-2025-6218, CVE-2025-62221
-
#CISA #KEV #ThreatIntel
CISA Adds Two Vulns to KEV Catalog
www.cisa.gov
December 9, 2025 at 8:02 PM
~Cisa~
CISA released three new advisories for vulnerabilities in U-Boot, Festo LX appliances, and multiple CCTV cameras.
-
IOCs: (None identified)
-
#CISA #ICS #ThreatIntel
CISA Releases 3 ICS Advisories
www.cisa.gov
December 9, 2025 at 8:01 PM
~Varonis~
A new phishing kit enables large-scale, real-time attacks against dozens of European banks and crypto platforms with anti-analysis features.
-
IOCs: (None identified)
-
#Phishing #Spiderman #ThreatIntel
Spiderman Phishing Kit Targets European Banks
www.varonis.com
December 9, 2025 at 5:05 PM
~Cofense~
Cofense has launched new AI-powered capabilities in its Triage and Security Awareness Training solutions to accelerate phishing threat remediation.
-
IOCs: (None identified)
-
#AI #Phishing #ThreatIntel
Cofense Announces AI-Powered Phishing Defense Updates
cofense.com
December 9, 2025 at 5:01 PM
~Zscaler~
A critical RCE vulnerability (CVE-2025-55182, CVSS 10.0) in React Server Components allows unauthenticated code execution.
-
IOCs: CVE-2025-55182
-
#CVE202555182 #RCE #React2Shell #ThreatIntel
React2Shell RCE Vulnerability
www.zscaler.com
December 8, 2025 at 8:09 PM
~Varonis~
Attackers can bypass MFA with stolen credentials by abusing the legacy ROPC OAuth flow in trusted first-party cloud applications.
-
IOCs: (None identified)
-
#MFA #OAuth #ROPC #ThreatIntel
ROPC-Enabled MFA Bypass
www.varonis.com
December 8, 2025 at 8:07 PM
~Cisa~
CISA adds two actively exploited vulnerabilities affecting D-Link routers (CVE-2022-37055) and Array Networks OS (CVE-2025-66644) to its KEV catalog.
-
IOCs: CVE-2022-37055, CVE-2025-66644
-
#CISA #KEV #ThreatIntel
CISA Adds Two Exploited Vulns to KEV Catalog
www.cisa.gov
December 8, 2025 at 8:01 PM
~Trendmicro~
New GhostPenguin Linux backdoor provides remote shell and file system control over an encrypted UDP channel.
-
IOCs: 65. 20. 72. 101, www. iytest. com, 124. 221. 109. 147
-
#Backdoor #GhostPenguin #Linux #ThreatIntel
GhostPenguin: New Linux Backdoor
www.trendmicro.com
December 8, 2025 at 12:36 PM
~Sekoia~
Technical walkthrough on extracting encrypted configurations from both clean and obfuscated samples of the QuasarRAT .NET malware.
-
IOCs: (None identified)
-
#QuasarRAT #RAT #ThreatIntel
Extracting QuasarRAT's Encrypted Configuration
blog.sekoia.io
December 8, 2025 at 12:34 PM
~Sophos~
New packer 'Shanya' is being used by ransomware groups like Akira to deliver payloads and an EDR killer.
-
IOCs: biokdsl. com, biklkfd. com
-
#Packer #Ransomware #Shanya #ThreatIntel
Shanya Packer-as-a-Service Fuels Attacks
news.sophos.com
December 7, 2025 at 4:04 AM
~Trendmicro~
A critical pre-auth RCE (CVSS 10.0) vulnerability, CVE-2025-55182, affects React Server Components and frameworks like Next.js; patch immediately.
-
IOCs: CVE-2025-55182
-
#CVE202555182 #ReactJS #ThreatIntel
Critical RCE in React Server Components
www.trendmicro.com
December 6, 2025 at 4:04 AM
~Paloalto~
Malicious Model Context Protocol (MCP) servers can exploit the 'sampling' feature to conduct prompt injection attacks, leading to resource theft and covert actions.
-
IOCs: (None identified)
-
#AISecurity #LLM #PromptInjection #ThreatIntel
New Prompt Injection Attacks via MCP Sampling
unit42.paloaltonetworks.com
December 6, 2025 at 4:03 AM