Attackers are now targeting a critical authentication bypass vulnerability in the CrushFTP file transfer software using exploits based on publicly available proof-of-concept code. The security ...
CVE-2026-0257's GlobalProtect authentication bypass went from advisory to active exploitation in four days. The recurring ...
VMware has addressed multiple high-severity security flaws in vCenter Server, which can let attackers gain code execution and bypass authentication on unpatched systems. vCenter Server is the control ...
An API authorization-bypass flaw in the infrastructure of a leading US broadband provider exposed millions of business customer devices to attacks, giving threat actors access to permissions on the ...
Check Point has urged customers to patch a critical zero-day vulnerability in its Remote Access VPN and Mobile Access solutions that is being actively exploited. CVE-2026-50751 is an authentication ...
Federal agencies have until June 1, 2026, to patch a critical authentication bypass in Palo Alto Networks’ GlobalProtect VPN, and the clock started ticking on May 29. That is a three-day remediation ...
A highly organized phishing-as-a-service operation (PhaaS) is targeting Microsoft 365 accounts across financial firms with business email compromise (BEC) attacks that leverage a two-factor ...
Cybercriminals are increasingly targeting active sessions instead of passwords, and Kali365 is emerging as one of the ...
Multi-factor authentication (MFA) has long been considered one of the strongest defences against cyberattacks. If a password ...
Attackers can bypass WordPress authentication, run commands as an administrator, and then install malicious plugins on ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results