Ten Years of Resilience, Innovation & Community-Driven Defense
The world of cybersecurity has been a wild ride over the last decade. As attackers stepped up their game year over year, the security…
CVE-2025-52882: WebSocket authentication bypass in Claude Code extensions
A critical vulnerability in Claude Code for Visual Studio Code (VS Code) and other IDE extensions allowed malicious websites to connect to…
Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More
Cybersecurity today moves at the pace of global politics. A single breach can ripple across supply chains, turn a software flaw into leverage,…
Data Is a Dish Best Served Fresh: “In the Wild” Versus Active Exploitation
The term “In the Wild” is broadly used to refer to any activity that has been observed outside of a controlled environment.…
MCP vulnerability case study: SQL injection in the Postgres MCP server
Key points and observations We found a SQL injection vulnerability in Anthropic’s reference Postgres MCP server that allowed us to…