This Week in Scams: $16.6 Billion Lost, Deepfakes Rise, and Google Email Scams Emerge | McAfee Blog

This Week in Scams: .6 Billion Lost, Deepfakes Rise, and Google Email Scams Emerge | McAfee Blog

Welcome to the first edition of This Week in Scams, a new weekly series from McAfee breaking down the latest fraud trends, headlines, and real-time threats we’re detecting across the digital landscape.  This week, we’re spotlighting the FBI’s shocking new cybercrime report, the rise of AI-generated deepfakes, and a sophisticated Gmail impersonation scam flagged by Google. We’re also seeing a surge in location-specific toll scams and fake delivery alerts—a reminder that staying ahead of scammers…

Read More

SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability

SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability

Attackers have been exploiting a critical zero-day vulnerability in the Visual Composer component of the SAP NetWeaver application server since early this week. SAP released an out-of-band fix that’s available through its support portal and it should be applied immediately, especially on systems that are directly exposed to the internet. “Unauthenticated attackers can abuse built-in functionality to upload arbitrary files to an SAP NetWeaver instance, which means full remote code execution and total system compromise,”…

Read More

Invest in AI search as an enterprise business asset

Invest in AI search as an enterprise business asset

Nearly every enterprise is experimenting with AI, but an overwhelming 90% of AI projects never scale beyond the proof-of-concept stage, and more than 97% of organizations experience difficulties demonstrating the business value of generative AI (genAI), according to an Informatica survey.[i] A major reason is that many cautious business leaders treat AI as a source of incremental improvements to existing processes rather than a tool to reshape core business functions. Too often, business leaders underestimate the people, behavior,…

Read More

Frontline lessons: What cybersecurity leaders can learn from attacks

Frontline lessons: What cybersecurity leaders can learn from attacks

In cybersecurity, confidence can be a liability. I’ve seen organizations of all sizes assume they’re safe — until an attack proves otherwise. As threats grow more sophisticated, companies pour time and money into defending their systems. But too often, they focus on the wrong things, like fixing vulnerabilities that are not critical to operations, and reality catches them off guard. Cyber resilience isn’t about checking boxes — it’s about whether your business can survive, recover,…

Read More

VMware Product Release Tracker (vTracker)

VMware Product Release Tracker (vTracker)

This page contains a list of products released by VMware. vTracker is automatically updated when new products are available to download (GA) at vmware.com. If you want to get notified about new VMware Products, subscribe to the RSS Feed. You can also use the JSON export to build your own tool. Feel free to comment when you have any feature requests. 2025-04-25VMware Data Services Manager 2.2.2 [Release Notes] 2025-04-10VMware ESXi 8.0.3 Patch Release: ESXi80U3e-24674464 [Release…

Read More

How to build and deliver an MCP server for production | Docker

How to build and deliver an MCP server for production | Docker

In December of 2024, we published a blog with Anthropic about their totally new spec (back then) to run tools with AI agents: the Model Context Protocol, or MCP. Since then, we’ve seen an explosion in developer appetite to build, share, and run their tools with Agentic AI – all using MCP. We’ve seen new MCP clients pop up, and big players like Google and OpenAI committing to this standard. However, nearly immediately, early growing…

Read More

Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes

Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes

New observations published by Secureworks’ Counter Threat Unit (CTU) have found that law enforcement activity has forced ransomware groups to shift away from the traditional affiliate model, notably used by the infamous LockBit gang. The CTU observed DragonForce and Anubis ransomware operators introducing novel models to attract affiliates and increase profits. DragonForce’s Distributed Model DragonForce, which emerged in August 2023 as a ransomware-as-a-service (RaaS) scheme, has recently rebranded itself as a “cartel.” According to Securework’s…

Read More

Reducing Remediation Time Remains a Challenge: How Tenable Vulnerability Watch Can Help

Reducing Remediation Time Remains a Challenge: How Tenable Vulnerability Watch Can Help

Timely vulnerability remediation is an ongoing challenge for organizations as they struggle to prioritize the exposures that represent the greatest risk to their operations. Existing scoring systems are invaluable but can lack context. Here’s how Tenable’s Vulnerability Watch classification system can help. Background Over the past six years working in Tenable’s research organization, I’ve watched known vulnerabilities and zero-day flaws plague organizations in the immediate aftermath of disclosure or even years afterwards. Following each blog…

Read More

SAP Fixes Critical Vulnerability After Evidence of Exploitation

SAP Fixes Critical Vulnerability After Evidence of Exploitation

German software company SAP has finally disclosed and fixed a highly critical vulnerability in the NetWeaver Visual Composer development server after evidence of exploitation in the wild. NetWeaver Visual Composer is SAP’s web-based modelling tool that allows business process experts and developers to build business application components without requiring manual coding. The vulnerability, tracked as CVE-2025-31324, is an unauthenticated file upload vulnerability in the Metadata Uploader component of the SAP NetWeaver Visual Composer Framework version…

Read More

Now Is Not the Time to Cut Back on Security Teams

Now Is Not the Time to Cut Back on Security Teams

Generative artificial intelligence (AI) is revolutionising the way businesses operate. The widespread adoption and integration of models, such as OpenAI’s ChatGPT and Google’s Gemini, into everyday organisational processes has resulted in the seismic growth of the global market, which is expected to reach $1.3 trillion in 2032. The rapid advancement of AI models has created a highly competitive environment where companies are channelling unprecedented resources into AI development. However, the extreme pressure to keep up and innovate…

Read More
1 2 3 2,730