MCP Servers Are the New Shadow IT for AI

Key Takeaways MCP servers are becoming the default wiring between AI agents and enterprise applications — but most organizations have zero visibility into where they are, what they expose, or how they can be abused. Qualys TotalAI now provides layered discovery of MCP servers across network, host...

EUVD-2011-0815

Malware in sbrugna...

EUVD-2024-18894

Malicious code in bioql PyPI...

PT-2024-10267 · Oracle · Jd Edwards Enterpriseone Tools

Name of the Vulnerable Software and Affected Versions: JD Edwards EnterpriseOne Tools versions prior to 9.2.9.0 Description: The issue is related to a vulnerability in the Web Runtime SEC component of JD Edwards EnterpriseOne Tools, which can be exploited by a low-privileged attacker with network...

Oracle JD Edwards Products 输入验证错误漏洞

Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle. The products provide financial management, project management and asset lifecycle management application modules. An input validation error vulnerability exists in JD Edwards...

Oracle GraalVM Enterprise Edition Unauthorized Access Vulnerability (CNVD-2020-26995)

Oracle GraalVM is the United States Oracle Oracle company's set of instant compiler written in the Java language. A security vulnerability exists in Oracle GraalVM in the Tools component of Oracle GraalVM Enterprise Edition versions 19.3.1 and 20.0.0. An attacker could exploit the vulnerability t...

Suddenly Teleworking, Securely

So you suddenly have a lot of staff working remotely. Telework is not new and a good percentage of the workforce already does so. But the companies who have a distributed workforce had time to plan for it, and to plan for it securely. A Lot of New Teleworkers All At Once This event can't be treat...