News

Microsoft Entra account lockouts caused by user token logging mishap
Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens ...
Phishers abuse Google OAuth to spoof Google in DKIM replay attack
In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from ...
State-sponsored hackers embrace ClickFix social engineering tactic
ClickFix attacks are being increasingly adopted by threat actors of all levels, with researchers now seeing multiple advanced ...
New Android malware steals your credit cards for NFC relay attacks
A new malware-as-a-service (MaaS) platform named 'SuperCard X' has emerged, targeting Android devices via NFC relay attacks ...
Critical Erlang/OTP SSH RCE bug now has public exploits, patch now
Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing ...
Widespread Microsoft Entra lockouts tied to new security feature rollout
Windows administrators from numerous organizations report widespread account lockouts triggered by false positives in the ...
Cisco Webex bug lets hackers gain code execution via meeting links
Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain ...
Entertainment services giant Legends International discloses data breach
Entertainment venue management firm Legends International warns it suffered a data breach in November 2024, which has ...
7 Steps to Take After a Credential-Based cyberattack
Hackers don't break in—they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your ...
Google Gemini AI is getting ChatGPT-like Scheduled Actions feature
Google Gemini is testing a ChatGPT-like scheduled tasks feature called "Scheduled Actions," which will allow you to create ...
CISA warns of increased breach risks following Oracle Cloud leak
CISA warned of heightened breach risks after the compromise of legacy Oracle Cloud servers earlier this year and highlighted ...
Windows NTLM hash leak flaw exploited in phishing attacks on governments
A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing ...