Tag feed

#security

9,258 posts2,262 followers

SRSatyam Rastogisatyamrastogi.hashnode.dev

Shields Up Defense Tech: Red Team Attack Surface Expansion

Originally published on satyamrastogi.com Analysis of how cybersecurity defense technologies introduce new attack surfaces. Red team perspective on exploiting AI-powered security tools, cloud-native defenses, and zero trust architectures for initial...

4m ago5 min read

Bbotguardbotguard.hashnode.dev

MCP Tool Poisoning: When Your AI Agent's Tools Lie to It

A single compromised MCP server can bring down an entire AI agent ecosystem, with attackers using tool poisoning to redirect agent behavior and evade detection. The Problem MCP tool poisoning is a subtle yet devastating attack vector that can comprom...

37m ago4 min read

VVValerii Vainkopvainkop.hashnode.dev

AI Security Scanning Is No Longer Pattern Matching — Here's What Changed

AI Security Scanning Is No Longer Pattern Matching — Here's What Changed Your CI pipeline probably runs a static analysis tool. It finds exposed secrets, hardcoded credentials, outdated crypto libraries, known CVE patterns. It's fast, it's cheap, and...

2h ago5 min read

NBNripesh Bhusalbackendtheory.hashnode.dev

Validation & Transformation

Need for Validations: Before an API processes any request, it is critical to validate the incoming data. Validation acts as the first line of defence between external input and internal application lo

4h ago4 min read

PXPhong Xuannews.fmisec.com

CISA: BeyondTrust RCE flaw now exploited in ransomware attacks

Hackers are actively exploiting the CVE-2026-1731 vulnerability in the BeyondTrust Remote Support product, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns. The security issue affects BeyondTrust's Remote Support 25.3.1 or earli...

20h ago2 min read

PXPhong Xuannews.fmisec.com

Japanese tech giant Advantest hit by ransomware attack

Advantest Corporation disclosed that its corporate network has been targeted in a ransomware attack that may have affected customer or employee data. Preliminary investigation results revealed that an intruder gained access to certain parts of the co...

20h ago2 min read

FAFaiz Ahmed Farooquiblog.faizahmed.in

Stop Putting Secrets in process.env: Encrypt Env Vars with AWS KMS

This post starts with the production problem we hit in late 2025, the critical security vulnerability in React Server Components and Next.js (CVE-2025-66478). Then it explains the library I built in r

18h ago10 min read

AAmankr200amankumardev.hashnode.dev

Building a Zero-Dependency Env Validator for Production Security

🔒 secure-env-check A zero-dependency, production-ready Node.js library to validate environment variables, detect weak secrets, and guard against accidental .env commits. ✅ Zero dependencies 🔐 Secu

1d ago6 min read

RRridesh raju bijwerideshcyber.hashnode.dev

SOC164 – Suspicious Mshta Behavior Walkthrough (EventID:114)

Today we’re investigating another LetsDefend alert: SOC164 – Suspicious Mshta Behavior This alert focuses on detecting suspicious usage of a legitimate Windows binary often abused by attackers. 🔎 Al

11h ago4 min read