Security Boulevard

MCP security: How to prevent prompt injection and tool poisoning attacks

The Model Context Protocol (MCP) has quickly become the open protocol that enables AI agents to connect securely to external tools, databases, and business systems. But this convenience comes with ...

New ClickFix attacks abuse Windows App-V scripts to push malware

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V ...
CSO Online

CrashFix attack hijacks browser failures to deliver ModelRAT malware via fake Chrome extension

A malicious extension impersonating an ad blocker forces repeated browser crashes before pushing victims to run ...
Hosted on MSN

China: Single voice command exposes humanoid robots to hijacking and cascading attacks

Commercial robots are far more vulnerable to hacking than many users realise, with cybersecurity experts warning that some machines can be taken over in minutes. Now, Chinese developers have ...

Fake ad blocker extension crashes the browser for ClickFix attacks

A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the ...
Security Boulevard

APT Attacks Target Indian Government Using SHEETCREEP, FIREPOWER, and MAILCREEP | Part 2

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...