Summary: Gamers are a hot target for infostealers these days. This blog post is the second we have published this month about an infostealer targeting gamers, with the previous one describing a Python-based malware targeting Discord. This blog post focuses on RedTiger, a red-teaming tool from which we have seen multiple payloads circulating in the […] | Netskope
Summary: During threat hunting activities, Netskope discovered a new, multi-function Python RAT that leverages the Telegram Bot API as a command and | Netskope
Summary: In the first two parts (1, 2) of this series, we broke down how the Model Context Protocol (MCP) works and explored attacks like tool poisoning and cross-server tool shadowing. In this post, we turn to two of the most subtle and dangerous risks facing MCP-enabled environments: Both techniques demonstrate a hard truth: LLMs […] | Netskope
Summary: In Part 1 of this blog series, we explored the architecture, capabilities, and risks of the Model Context Protocol (MCP). In this post, we will focus on two attack vectors in the MCP ecosystem: prompt injection via tool definitions and cross-server tool shadowing. Both exploit how LLMs trust and internalize tool metadata and responses, […] | Netskope