Daily Recap, Citrix patched multiple NetScaler issues, including a new HTTP/2 Bomb and bugs tied to CitrixBleed, while Progress Kemp LoadMaster faced active exploitation attempts for a pre-auth RCE flaw. Across AI and threats, Microsoft warned that poisoned MCP tool descriptions can lure AI agents into leaking data, and security researchers reported Azure CLI password-spraying against at least 78 Microsoft accounts, with additional supply-chain abuse via malicious PyPI packages targeting Telegram bot servers.
#Citrix #NetScaler #HTTP2Bomb #CitrixBleed #ProgressKemp #LoadMaster #PreAuthRCE #Mythos #Fable #MythosFable #MCP #BioShocking #Monero #Langflow #AzureCLI #PasswordSpray #RustDuck #PyPI #Telegram #CISA #CIA #RussellVought #Ratcliffe
#Citrix #NetScaler #HTTP2Bomb #CitrixBleed #ProgressKemp #LoadMaster #PreAuthRCE #Mythos #Fable #MythosFable #MCP #BioShocking #Monero #Langflow #AzureCLI #PasswordSpray #RustDuck #PyPI #Telegram #CISA #CIA #RussellVought #Ratcliffe
Vulnerabilities & Patches
- Citrix patched multiple NetScaler flaws, including a new HTTP/2 Bomb issue and another bug with echoes of CitrixBleed, while Progress Kemp LoadMaster is facing active exploitation attempts for a pre-auth RCE flaw. β NetScaler Fixes, NetScaler Flaw, LoadMaster RCE
- Adobe released patches for critical ColdFusion and Campaign Classic vulnerabilities, and Google fixed 382 Chrome vulnerabilities. β Adobe Patches, Chrome Fixes
AI, Cloud & Platform Security
- The U.S. lifted export control restrictions on Anthropicβs Mythos and Fable, and Anthropic restored Claude Fable 5 after the policy change tied to jailbreak concerns. β Export Controls, Claude Restored
- Microsoft warned that poisoned MCP tool descriptions can trick AI agents into leaking data, while a new BioShocking attack can manipulate AI browsers into theft. β MCP Warning, BioShocking
- Langflow RCE was exploited to deploy a Monero miner on exposed AI app endpoints, showing continued abuse of misconfigured AI services. β Langflow Exploit
- Microsoft is accelerating its quantum-safe roadmap as post-quantum risks grow, signaling earlier adoption of cryptographic defenses. β Quantum-Safe Roadmap
- Security experts urged enterprises to ask vendors tougher questions about frontier AI risk, governance, and deployment controls. β Frontier AI
Threats, Malware & Exploitation
- A massive Azure CLI password-spray campaign hit at least 78 Microsoft accounts using more than 81M attempts, highlighting large-scale credential abuse. β Azure Spray
- RustDuck botnet was rebuilt in Rust to hijack routers and servers for DDoS, expanding its offensive infrastructure. β RustDuck Botnet
- Malicious PyPI packages were found taking over Telegram bot servers, underscoring supply-chain risk in open-source ecosystems. β PyPI Abuse
Phishing & Fraud
- A phishing kit described as more like BEC-as-a-service points to increasingly commoditized business email compromise tooling. β BEC Kit
- Research on underground tradecraft shared lessons on how to better defend against Business Email Compromise. β BEC Lessons
- A fake Perplexity extension in the Chrome Web Store was caught tracking searches, adding another browser-based privacy threat. β Fake Extension
Government & Intelligence
- Russell Vought signaled openness to re-staffing CISA after prior budget cuts, while CIA chief Ratcliffe highlighted major shifts in the agencyβs technology approach. β CISA Staffing, CIA Tech Shift