Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

squarex

Obscure MCP API in Comet Browser Breaches User Trust, Enabling Full Device Control via AI Browsers

Nov 19, 2025 By SquareX
SquareX released critical research exposing a hidden API in Comet that allows extensions in the AI Browser to execute local commands and gain full control over users' devices. The research reveals that Comet has implemented a MCP API (chrome.perplexity.mcp.addStdioServer) that allows its embedded extensions to execute arbitrary local commands on users' devices, capabilities that traditional browsers explicitly prohibit. Concerningly, there is limited official documentation on the MCP API.
Read Post
seraphic

Seraphic Becomes the First and Only Secure Enterprise Browser Solution to Protect Electron-Based Applications

Nov 19, 2025 By Seraphic
Seraphic, the leader in enterprise browser security (SEB) and AI enablement, today announced native protection for Electron-based applications such as ChatGPT desktop, Teams, Slack, and more, becoming the first and only browser security platform to introduce this capability.
Read Post
lookout

What Is a Large Language Model (LLM)?

Nov 19, 2025 By Lookout In Lookout
The history of computing is marked by sea change moments; those times when the world seems to shift into a new possibility space almost overnight. ENIAC. The personal computer. The World Wide Web. The smartphone. And now, AI. While the term “AI” has been applied to many new (or re-branded) services and products, the underlying technology that makes most of them feel like magic is the large language model (LLM).
Read Post

Come see us at Microsoft Ignite: Live Demos & How We Optimize Your Security Stack

Nov 19, 2025 By Reach Security In Reach Security
We're live. Cheyenne, Walter, and Cain are giving demos, answering questions, and showing how Reach helps teams optimize their security stack. Level up your knowledge and get some loot on this side quest. Come see us: Microsoft Ignite — San Francisco Booth 4037 November 18–21, 2025.
View Video

Unlocking Microsoft E3/E5 Security: How Reach Finds Hidden Gaps and Automates Remediation

Nov 19, 2025 By Reach Security In Reach Security
New product tour who dis Most teams aren’t getting the full value out of their Microsoft E3/E5 stack — not because the tools aren’t powerful, but because the configurations are complex, scattered, and hard to operationalize. Reach maximizes your Microsoft security investment: Interrogating your current Microsoft security configurations→ Reach evaluates the current capabilities of the existing E3/E5 environment, analyzes how the current licenses are being utilized, and identifies opportunities to leverage E5 features to enhance the organization’s security posture.
View Video
reach security

Network Security Policy Management (NSPM): Keeping Policy and Reality Aligned

Nov 19, 2025 By John Dominguez In Reach Security
Network Security Policy Management (NSPM) is the discipline of defining, enforcing, and maintaining the network policies that govern how systems communicate, what data moves where, and who can access what. It sits at the intersection of security and operations, helping organizations maintain consistent, enforceable rules across increasingly complex infrastructures.
Read Post
wallarm

When your AI Assistant Becomes the Attacker's Command-and-Control

Nov 19, 2025 By Wallarm In Wallarm
Earlier this month, Microsoft uncovered SesameOp, a new backdoor malware that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. The discovery has drawn significant attention within the cybersecurity community. Security teams can no longer focus solely on endpoint malware. Attackers are weaponizing public and legitimate AI assistant APIs and defenders must adjust.
Read Post
acronis

Why cyber resilience - not just compliance - is critical for manufacturing OT environments

Nov 19, 2025 By Lee Pender In Acronis
Your manufacturing environment might be compliant, but that doesn't mean it's protected against a cyberattack. Even compliant systems can fall victim to cybercrime. And the consequences can be devastating. The SANS Institute sends a clear message in its 2025 State of ICS/OT Cybersecurity Survey: Regulatory compliance alone is no longer enough in operational technology (OT) environments.
Read Post
wallarm

APIs Are the Retail Engine: How to Secure Them This Black Friday

Nov 19, 2025 By Wallarm In Wallarm
Can you ever imagine the impact on your business if it went offline on Black Friday or Cyber Monday due to a cyberattack? Black Friday is the biggest day in the retail calendar. It’s also the riskiest. As you gear up for huge surges in online traffic, ask yourself: have you protected the APIs on which the business runs?
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.