Scan your AI-generated code from Cursor using Model Context Protocol (MCP)

We’re happy to announce that Cursor has validated Snyk’s CLI MCP server and added Snyk to their curated set of MCP tools from official providers. At Snyk, we recognized early on that although AI assistants accelerate development, they can inadvertently introduce vulnerable patterns, leverage outdated libraries, or even code with known security flaws. In order to maintain the rapid iteration cycles that AI enables, developers need security to be as agile as AI itself.

June 23, 2025 Cyber Threat Intelligence Briefing

This week’s briefing covers: New MORE_EGGS campaign continues recruiting themes KTA032 (FIN6) has begun a new campaign using the MORE_EGGS JavaScript backdoor which continues its themes surrounding fake resumes leading to the malware deployment. The actor engaged with organization recruiters which led to emails containing a malicious domain (often containing the fake applicant’s first and last name). The domain contains several defense evasion techniques to avoid automated analysis tools from scanning.

What is CSRF (Cross-Site Request Forgery)?

CSRF is a web security vulnerability that tricks users into performing unwanted actions on a website where they are already authenticated like changing account settings or making a purchase without their knowledge. In this video, we explain how CSRF attacks work and how attackers exploit user trust to hijack authenticated sessions.

Disaster Recovery Best Practices | Webinar by Jason Taylor

Learn the fundamentals of Disaster Recovery in this insightful webinar led by Jason Taylor, Senior Cybersecurity Program Analyst at Sedara. He covers what disaster recovery is, common causes of disasters, response and recovery workflows (BCP, IR, and DR), the seven key steps to building a DR plan, recovery playbooks, and how to create an effective DR project plan. A must-watch for IT and security teams preparing for the unexpected.

You thought Elastic only did SIEM? Think again!

Elastic Extended Security, born from the acquisition of Endgame, brings years of battle-tested EDR and threat prevention expertise directly into Elastic’s Search AI Platform. This isn’t a bolt-on or third-party integration; it’s a native, deeply embedded component that redefines what’s possible with XDR. As data volumes grow exponentially, traditional EDR tools hit walls. Elastic doesn’t.

AI, out-of-the-box!

Elastic's GenAI capabilities are now available by default in Elastic Cloud Elastic AI features in Elastic Security, Observability, and Search are now enabled by default in Elastic Cloud. Getting started with generative AI (GenAI) shouldn’t be a project in itself. Too often teams encounter organizational friction that slows adoption of AI-based features, from third-party contracts and external API keys, to additional terms of service and billing management.

Cursor's One-click Install MCP in Action

In this video, I’m checking out the brand new Cursor 1.0 release and testing one of its most exciting new features — the one-click MCP install. Setting up MCP servers has never been this easy! Join me as I walk through the process, share my first impressions, and see how smooth (or not) the setup really is. If you’ve been curious about Cursor or want to simplify your MCP workflows, this one’s for you.

From manual to programmatic: Transforming risk registers for modern GRC

In this article Relying on manual risk registers is no longer a sustainable strategy. As organizations face more complex threats, regulatory shifts, and operational changes, static spreadsheets and disconnected documentation fall short. These manual methods often lead to inefficiencies, missed risks, and a lack of real-time visibility, hindering timely decision-making and exposing organizations to greater vulnerabilities.

AI Agents Take DC: Inside Washington's Developing Agentic Security Agenda

AI Agents have become one of the most discussed emerging technologies in enterprise environments, and now, they’ve captured the attention of policymakers in Washington, DC. Over the past several weeks, a series of developments have brought AI Agents into the national spotlight, particularly through the lens of cybersecurity and regulatory preparedness.