The Detectify MCP Server utilizes the Model Context Protocol (MCP), an open standard adopted across the AI industry for agent-tool communication.
Tag: standard
AI, Apps, Global Security News, Risk Management
Trust3 AI focuses on AI agent risks with MCP Security layer
Trust3 AI has announced the launch of Model Context Protocol (MCP) Security, establishing a new standard for safeguarding enterprise agentic AI workloads. This solution forms a key capability within Trust3 AI’s enterprise agent control plane, empowering security and governance teams with a unified trust layer to seamlessly and safely connect AI agents with vital business…
AI, Endpoint, Exploits, Global Security News, Risk Management
Extending Security to MCP Servers: Closing a Critical Gap
The Model Context Protocol (MCP) is a de facto standard for providing structured access to privileged systems for AI agents and external integrations. It acts as a USB-C port for AI, enabling faster innovation by allowing organizations to expose tools, resources, and workflows without the time-consuming work of building APIs. Adoption has surged in recent…
AI, Global Security News
RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded
RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign-ups following what has been described as a “major malicious attack.” “We’re dealing with a major malicious attack on Ruby Gems right now,” Maciej Mensfeld, senior product manager for software supply chain security at Mend.io, said in a post on…
AI, Global Security News
DavMail 6.6.0 patches a regex flaw and advances its Microsoft Graph backend
Organizations that run DavMail to bridge standard mail clients to Microsoft Exchange or Office 365 received an update this week. Version 6.6.0 addresses a code-scanning alert tied to a regex vulnerability, adjusts OAuth redirect handling to match a recent Microsoft change, and ships fixes across IMAP, SMTP, CalDAV, and CardDAV subsystems. A regex replacement closes…
AI, Exploits, Global Security News
AI-enabled device code phishing campaign exploits OAuth flow for account takeover
A phishing campaign that bypasses the standard 15-minute expiration window through automation and dynamic code generation, leveraging the OAuth Device Code Authentication flow to compromise organizational accounts at scale, has been observed by the Microsoft Defender Security Research team. The campaign uses AI-assisted infrastructure and end-to-end automation. Attack overview: Device Code Authentication is a legitimate…
AI, Data Breaches, Global Security News
Yurei Ransomware Uses Common Tools, Adds Stranger Things References
Team Cymru details the Yurei ransomware campaign, using standard tools and a few Stranger Things–named payloads to breach and encrypt systems.
Global Security News
A nearly undetectable LLM attack needs only a handful of poisoned samples
Prompt engineering has become a standard part of how large language models are deployed in production, and it introduces an attack surface most organizations have not yet addressed. Researchers have developed and tested a prompt-based backdoor attack method, called ProAttack, that achieves attack success rates approaching 100% on multiple text classification benchmarks without altering sample…
Global Security News
Betterleaks: Open-source secrets scanner
Secrets scanning has become standard practice across engineering organizations, and Gitleaks has been one of the most widely used tools in that space. The author of that project has now released a new tool called Betterleaks, which is designed to scan git repositories, directories, and standard input for leaked credentials, API keys, tokens, and passwords.…
AI, Global Security News
OutSystems Named a Leader for AI Agent Builders in the 2026 G2 Grid Report
COMPANY NEWS: With a 95 NPS and 100% Ease of Admin score, OutSystems sets the standard for enterprise AI agent development
Data Breaches, Global Security News
The Case for Why Better Breach Transparency Matters
It’s become a standard practice for organizations to disclose the bare minimum about a data breach, or worse — not disclose the incident at all.
AI, Data Breaches, Global Security News
Ransomware activity peaks outside business hours
Intrusions continue to center on credential access and timed execution outside standard business hours. The Sophos Active Adversary Report 2026 analyzes 661 incident response and managed detection and response cases handled between November 1, 2024 and October 31, 2025, spanning organizations in 70 countries. The dataset examines how attackers gain access, how quickly they reach…
Global Security News
Best-in-Class ‘Starkiller’ Phishing Kit Bypasses MFA
A user-friendly PhaaS tool beats standard methods for detecting phishing attacks by live-proxying legitimate login sites.
AI, Apps, Cybersecurity, Exploits, Funding, Global Security News, Network Security, Risk Management
Why 2025’s agentic AI boom is a CISO’s worst nightmare
By late 2025, the enterprise AI landscape had shifted. Standard RAG systems are failing at a rate of 80%, forcing a pivot to autonomous agents. But while “agentic RAG” solves the reliability problem, it introduces a terrifying new one: the autonomous execution of malicious instructions. If 2023 was the year of the chatbot and 2024…
AI, Global Security News
Google Chrome Launches WebMCP in Early Preview for AI Agent Interactions
Google’s Chrome team has rolled out an early preview of WebMCP, a proposed web standard that enables websites to communicate directly with AI agents via structured tools rather than relying on messy screen scraping. Today, when AI agents access websites, they often rely on screenshots or raw HTML to determine what to do. That means…
