VMware has addressed multiple high-severity security flaws in vCenter Server, which can let attackers gain code execution and bypass authentication on unpatched systems. vCenter Server is the control ...

Cisco warned customers today of a critical authentication bypass vulnerability with public exploit code affecting multiple end-of-life (EoL) VPN routers. It is caused by improper validation of user ...

What happened A third iteration of the ConsentFix attack technique has been circulating on hacker forums, introducing automation and scalability to a method that abuses Microsoft Azure’s OAuth2 ...

An API authorization-bypass flaw in the infrastructure of a leading US broadband provider exposed millions of business customer devices to attacks, giving threat actors access to permissions on the ...

Organizations with self-hosted GitLab instances configured for SAML-based authentication might want to update immediately to new versions of the DevOps platform that the company released this week.

A vulnerability in Microsoft’s multifactor authentication (MFA) system has been uncovered by cybersecurity firm Oasis Security, allowing attackers to bypass security measures and access sensitive data ...

Security researchers say Iranian state-backed group MuddyWater posed as IT staff on Microsoft Teams to gain remote access, bypass multi-factor authentication, and steal sensitive data. The attackers ...

Claude AI users are reporting unauthorized charges linked to a 'gift' loophole that allows attackers to bypass two-factor authentication. The scam uses stolen credentials or hijacked browser sessions ...