%term

How to Add MCP Servers to Google's Antigravity IDE

Dec 22, 2025 By Snyk In Snyk

In this video, I walk you step by step through the process of adding MCP servers to Google’s Antigravity. You’ll learn how they integrate with Antigravity and how to configure them correctly so everything runs smoothly.

View Video

Snyk

Read more about How to Add MCP Servers to Google's Antigravity IDE

From Finding to Fix: Remediation Orchestration When Asset Ownership Is Missing

Dec 22, 2025 By Seemplicity In Seemplicity

Security teams don’t struggle to find issues. They struggle to move them forward. In this use case demo, we show how remediation coordination breaks down when assets have no clear owner, and how remediation orchestration restores accountability across teams, tools, and environments. You’ll see how security teams can move beyond manual handoffs, Slack messages, and guesswork by orchestrating remediation across teams, even when ownership is unclear or spans multiple domains.

View Video

Seemplicity

Read more about From Finding to Fix: Remediation Orchestration When Asset Ownership Is Missing

From Code to Agents: Proactively Securing AI-Native Apps with Cursor and Snyk

Dec 22, 2025 By Manoj Nair In Snyk

The rapid adoption of AI agents for development is creating a critical security gap. We are moving from predictable logic, deterministic code paths, and human-driven workflows to non-deterministic agents that reason, plan, and act autonomously using large language models across the broader software development lifecycle. As enterprises adopt these autonomous AI agents, the core challenge isn’t just the new risks and attack vectors; it’s a loss of runtime control.

Read Post

Snyk

Read more about From Code to Agents: Proactively Securing AI-Native Apps with Cursor and Snyk

Ultimate Guide to Vulnerability Assessment: What, Why & How (2026 Edition)

Dec 21, 2025 By Acronis In Acronis

If you’re an IT MSP, vulnerability assessment has grown from a river to a flood over the last couple of years. In 2020, there were 18,000 recorded common vulnerabilities and exposures (CVEs). By 2024, that number had more than doubled, eclipsing 40,000. And 2025 is showing no signs of reversing the trend. The rise of vulnerabilities means that manual vulnerability assessment is no longer possible.

Read Post

Acronis

Read more about Ultimate Guide to Vulnerability Assessment: What, Why & How (2026 Edition)

Zero-Day Vulnerabilities in November 2025

Dec 19, 2025 By Indusface In Indusface

In November 2025, AppTrana detected 227 zero-days and blocked every single one. Explore the full report to see how complete coverage looks.

View Video

Indusface

Read more about Zero-Day Vulnerabilities in November 2025

Critical React2Shell RCE Hits React and Next.js (CVE-2025-55182 / CVE-2025-66478)

Dec 19, 2025 By Sanskriti Jain In Astra

React2Shell is a severe remote, unauthenticated RCE vulnerability recently uncovered in React Server Components (RSC) and the Next.js App Router — tracked as CVE-2025-55182, with CVE-2025-66478 later merged as a duplicate — that allows attackers to execute arbitrary code on servers by exploiting insecure Flight protocol deserialization (CWE-502), earning the flaw a maximum CVSS score of 10.0.

Read Post

Astra

Read more about Critical React2Shell RCE Hits React and Next.js (CVE-2025-55182 / CVE-2025-66478)

Brave Search MCP in Action!

Dec 19, 2025 By Snyk In Snyk

Brave Search MCP in Action!

View Video

Snyk

Read more about Brave Search MCP in Action!

Detecting CVE-2025-20393 exploitation: catching UAT-9686 on Cisco appliances

Dec 19, 2025 By David Burkett In Corelight

CVE-2025-20393 is a CVSS 10.0 Remote Code Execution (RCE) flaw in Cisco Secure Email Gateways currently being actively exploited by China-nexus groups. A recent advisory from Cisco Talos details how an actor dubbed “UAT-9686” is leveraging this vulnerability to target Cisco Secure Email Gateways (ESA) and Secure Email and Web Managers (SMA). The attack allows threat actors to execute arbitrary commands with root privileges and deploy persistence mechanisms.

Read Post

Corelight

Read more about Detecting CVE-2025-20393 exploitation: catching UAT-9686 on Cisco appliances

CVE-2025-20393: Threat Campaign Targeting Cisco Secure Email Gateway, Cisco Secure Email and Web Manager

Dec 19, 2025 By Julian Tuin In Arctic Wolf

On December 17, 2025, Cisco published an advisory detailing a new threat campaign identified on December 10, affecting the Cisco AsyncOS software used on Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. The campaign is exploiting an unpatched zero-day vulnerability, which only affects deployments with the Spam Quarantine feature enabled. It allows threat actors to execute arbitrary commands with root privileges on affected devices. This feature is not enabled by default.

Read Post

Arctic Wolf

Read more about CVE-2025-20393: Threat Campaign Targeting Cisco Secure Email Gateway, Cisco Secure Email and Web Manager

An Industry Analyst's Take on Nucleus 3.0

Dec 19, 2025 By Nucleus Security In Nucleus

In this episode of Nucleus Conversations, industry analyst and researcher Jon Oltsik unpacks the current state of exposure management, why so many organizations still struggle to manage cyber risk at scale, and the impact the recent Nucleus 3.0 releases will have for customers.

View Video