Hackers steal Discord accounts with RedTiger-based infostealer

Attackers are using the open-source red-team tool RedTiger to build an infostealer that collects Discord account data and ...

Hackers Turn RedTiger Tool Into Malware Stealing Gamers’ Discord Accounts

A new cyber threat is sweeping through the gaming community — hackers have turned a legitimate cybersecurity testing tool ...

Open VSX rotates tokens used in supply-chain malware attack

The Open VSX registry rotated access tokens after they were accidentally leaked by developers in public repositories and allowed threat actors to publish malicious extensions in an attempted ...
GitHub

Python: ApplicationInsights agent span has incorrect token numbers

agent-framework v 1.0.0b251007 (But the same was true for v 1.0.0b251001) AzureOpenAIResponsesClient setup_observability(enable_sensitive_data=True ...
GitHub

MCP Python SDK Implementaion Gap 15- lack token isolation when calling upstream APIs

If the MCP server makes requests to upstream APIs, it may act as an OAuth client to them. The access token used at the upstream API is a separate token, issued by the upstream authorization server.