Explore Problems

Showing 183 of 6,918 problems · matching your filters

Air-Gapped Networks Have No Passive Threat Detection Without Active Scanning Risk

Security teams protecting air-gapped environments — defense, ICS, nuclear — cannot use conventional network detection tools that require active probes, which risk triggering false alerts or disrupting critical operations. Passive monitoring that can identify C2 beacons and DNS generation algorithm traffic without sending any packets is absent from the market. This leaves some of the highest-value targets with a fundamental detection blind spot.

1 mentions1 sources
S6.6L8
Security & Compliance · Network Security

MCP Servers Inject Context Tokens on Every Message Even When Not Used

Every configured MCP server injects tokens into the context window on each message, regardless of whether that server is needed for the current task. As developers add more MCP servers, context window bloat becomes severe and reduces effective model capacity. No selective MCP loading mechanism exists to activate servers only when relevant.

1 mentions1 sources Trending
S6.7L8
Developer Tools · AI & Machine Learning

npm Ecosystem Silently Executes Malicious Code via Transitive Dependencies

Every npm install is an implicit trust decision across hundreds of packages, any of which can execute arbitrary code via postinstall hooks with no user confirmation. The Axios backdoor attack demonstrated this at 80M weekly download scale, with sophisticated obfuscation and self-cleanup. Existing tools like Snyk detect known vulnerabilities but do not prevent silent postinstall execution from newly compromised accounts.

3 mentions2 sources
S6.7L8
Security & Compliance · Fraud Prevention
Previous10/10