CyberSecurity news
FlagThis
|
@www.helpnetsecurity.com
//
Bitwarden Unveils Model Context Protocol Server for Secure AI Agent Integration
Bitwarden has launched its Model Context Protocol (MCP) server, a new tool designed to facilitate secure integration between AI agents and credential management workflows. The MCP server is built with a local-first architecture, ensuring that all interactions between client AI agents and the server remain within the user's local environment. This approach significantly minimizes the exposure of sensitive data to external threats. The new server empowers AI assistants by enabling them to access, generate, retrieve, and manage credentials while rigorously preserving zero-knowledge, end-to-end encryption. This innovation aims to allow AI agents to handle credential management securely without the need for direct human intervention, thereby streamlining operations and enhancing security protocols in the rapidly evolving landscape of artificial intelligence. The Bitwarden MCP server establishes a foundational infrastructure for secure AI authentication, equipping AI systems with precisely controlled access to credential workflows. This means that AI assistants can now interact with sensitive information like passwords and other credentials in a managed and protected manner. The MCP server standardizes how applications connect to and provide context to large language models (LLMs), offering a unified interface for AI systems to interact with frequently used applications and data sources. This interoperability is crucial for streamlining agentic workflows and reducing the complexity of custom integrations. As AI agents become increasingly autonomous, the need for secure and policy-governed authentication is paramount, a challenge that the Bitwarden MCP server directly addresses by ensuring that credential generation and retrieval occur without compromising encryption or exposing confidential information. This release positions Bitwarden at the forefront of enabling secure agentic AI adoption by providing users with the tools to seamlessly integrate AI assistants into their credential workflows. The local-first architecture is a key feature, ensuring that credentials remain on the user’s machine and are subject to zero-knowledge encryption throughout the process. The MCP server also integrates with the Bitwarden Command Line Interface (CLI) for secure vault operations and offers the option for self-hosted deployments, granting users greater control over system configurations and data residency. The Model Context Protocol itself is an open standard, fostering broader interoperability and allowing AI systems to interact with various applications through a consistent interface. The Bitwarden MCP server is now available through the Bitwarden GitHub repository, with plans for expanded distribution and documentation in the near future. 
ImgSrc: img.helpnetsecu
Share:
References :
Classification:
@cyberscoop.com
//
Microsoft has issued its July 2025 Patch Tuesday updates, a crucial monthly release that addresses a significant number of vulnerabilities across its product lines. This release tackles a total of 130 CVEs, with 10 of them classified as critical. Notably, while no vulnerabilities were reported as actively exploited in the wild at the time of the release, one flaw in Microsoft SQL Server (CVE-2025-49719) has been publicly disclosed. This information disclosure vulnerability, rated as important with a CVSS score of 7.5, means that technical details are available, potentially increasing the risk of future exploitation. Organizations should prioritize patching this vulnerability, particularly as it affects SQL Server versions 2016 through 2022 and does not require authentication to exploit, potentially exposing sensitive data like credentials.
Among the critical vulnerabilities addressed, a particularly concerning one is a remote code execution (RCE) flaw in Windows SPNEGO Extended Negotiation (NEGOEX), designated CVE-2025-47981. This vulnerability carries a high CVSS score of 9.8 and is described as a heap-based buffer overflow, allowing an unauthenticated attacker to execute code remotely on a target system with low attack complexity and no user interaction. The nature of this flaw makes it a prime target for attackers seeking initial access or lateral movement within networks. Microsoft has also highlighted critical RCE vulnerabilities in Microsoft Office, with several rated as "more likely" to be exploited, including some that can be triggered via the preview pane without requiring a user to open a document, posing a significant risk to users' security. The July Patch Tuesday also includes fixes for vulnerabilities in Microsoft SharePoint, with an RCE flaw that requires authenticated access but could allow an attacker to execute code on the server. Additionally, vulnerabilities impacting Windows Hyper-V and other system components have been addressed. With a total of 130 CVEs patched, including numerous critical flaws, it is imperative for all organizations to review and apply these updates promptly to protect their systems and data from potential exploitation. The proactive patching of these vulnerabilities is essential for maintaining a strong security posture against the ever-evolving threat landscape. 
ImgSrc: cyberscoop.com
Share:
References :
Classification:
@socprime.com
//
A critical vulnerability, identified as CVE-2025-5777 and nicknamed "CitrixBleed 2," has been discovered in Citrix NetScaler ADC and Gateway. This memory disclosure vulnerability allows unauthenticated remote attackers to extract sensitive information, including session tokens and credentials, from affected devices. Security researchers and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirm that this flaw is being actively exploited in the wild. The vulnerability is particularly concerning due to its similarity to the infamous CVE-2023-4966, or "CitrixBleed," which also led to widespread exploitation and session hijacking. The ease of exploitation and the potential for bypassing multi-factor authentication (MFA) make this a significant threat to organizations globally.
Exploitation of CitrixBleed 2 reportedly began as early as mid-June, with proof-of-concept exploits now publicly available. This has led to a surge in scanning activity as attackers search for vulnerable systems. The U.S. government has been alerted to the severity of the threat, with CISA issuing an urgent directive for federal agencies to patch their NetScaler systems within 24 hours. Despite this, concerns remain that a significant portion of Citrix customers have not yet applied the necessary patches, mirroring the delayed response seen during the previous CitrixBleed crisis. The ability for attackers to hijack existing user sessions and gain unauthorized access to critical systems highlights the urgent need for immediate mitigation. The technical details of CVE-2025-5777 reveal that it stems from insufficient input validation, leading to memory overreads when NetScaler is configured as a Gateway or an AAA virtual server. Attackers can trigger a memory leak by sending specially crafted HTTP requests to the NetScaler login endpoint. The leaked memory can contain sensitive session tokens, allowing attackers to impersonate authenticated users and bypass MFA, thereby gaining access to internal networks. The potential consequences of successful exploitation range from data breaches and ransomware attacks to the disruption of critical operations across various sectors, including finance and healthcare. Organizations are strongly advised to update their Citrix NetScaler devices to the latest fixed versions immediately. 
ImgSrc: socprime.com
Share:
References :
Classification:
|