US Air Force investigating data breach caused by Microsoft SharePoint issue

The US Air Force is reportedly investigating a potential data breach caused by a Microsoft SharePoint issue. A report from The Register revealed the Air Force Personnel Center Directorate of ...
Bleeping Computer

JetBrains warns of new TeamCity auth bypass vulnerability

JetBrains urged customers today to patch their TeamCity On-Premises servers against a critical authentication bypass vulnerability that can let attackers take over vulnerable instances with admin ...
Bleeping Computer

Latest Authentication Bypass news

A critical vulnerability impacting the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow remote attackers to forge credentials and bypass ...

Researchers warn VoidProxy phishing platform can bypass MFA

The service has been targeting Microsoft and Google accounts for months, opening the door to possible BEC attacks and data ...
The Hacker News

Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models

Cybersecurity researchers have disclosed two security flaws in Wondershare RepairIt that exposed private user data and ...
SiliconANGLE

Newly detailed ‘Tycoon 2FA’ phishing kit bypasses multifactor authentication

Cybersecurity researchers at Sekoia ApS’ Threat Detection & Research team are warning of a new phishing kit linked to the adversary-in-the-middle technique that is being utilized by multiple threat ...
Gadget on MSN

Phishing attacks coming from inside the business

Although phishing activity declined by 40% compared to Q1, it remained the leading initial access method for threat actors, according to a new Cisco Talos report.
The Hacker News

Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure

Fortra GoAnywhere CVE-2025-10035 was exploited a week before disclosure, enabling pre-authentication remote code execution.
Infosecurity-magazine.com

Critical Ivanti Authentication Bypass Bug Exploited in Wild

A critical authentication bypass vulnerability in Ivanti Virtual Traffic Manager (vTM) has now been exploited by threat actors in the wild, according to the US Cybersecurity and Infrastructure ...
Liliputing

Security researches bypass Windows Hello fingerprint authentication due to “multiple vulnerabilities”

A growing number of Windows laptops feature fingerprint sensors with support for Microsoft’s Windows Hello technology. The idea is to let users login quickly by tapping a finger against the sensor ...
Forbes

Passwordless Authentication: The Stairway To A Secure Future

Expertise from Forbes Councils members, operated under license. Opinions expressed are those of the author. We're at a crossroads where authentication protocols and mechanisms need a complete refresh ...

Bell Adds Multi-Factor Authentication to MyBell App

Bell has rolled out multi-factor authentication (MFA) to its MyBell app, adding an extra layer of security for customers ...