SecurityWeek

Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be Exploited

New report outlines the Top 25 MCP vulnerabilities and how attackers could exploit AI agents, plus strategies for defense.
SecurityWeek

Fortra Patches Critical GoAnywhere MFT Vulnerability

Fortra has released patches for a critical-severity vulnerability in the GoAnywhere secure managed file transfer (MFT) ...

Hidden prompt injection: The black hat trick AI outgrew

Invisible prompts once tricked AI like old SEO hacks. Here’s how LLMs filter hidden commands and protect against manipulation ...
The Hacker News

State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability

Libraesva patches CVE-2025-59689 after confirmed state-sponsored exploitation; update ESG to avoid command injection.

Fortra warns of max severity flaw in GoAnywhere MFT’s License Servlet

Fortra has released security updates to patch a maximum severity vulnerability in GoAnywhere MFT's License Servlet that can be exploited in command injection attacks.

New Supermicro BMC flaws can create persistent backdoors

Two vulnerabilities affecting the firmware of Supermicro hardware, including Baseboard Management Controller (BMC) allow attackers to update systems with maliciously crafted images.