WinBuzzer

Microsoft 365 Phishing Surge: Attackers Weaponize Legitimate Device Code Flow to Bypass MFA

Cybercriminals have launched a widespread phishing campaign exploiting Microsoft's OAuth device code flow to bypass MFA and ...
Infosecurity-magazine.com

Malicious PyPI Packages Use Compiled Python Code to Bypass Detection

Security researchers at ReversingLabs have discovered a novel attack that used compiled Python code to evade detection. According to ReversingLabs reverse engineer Karlo Zanki, this could be the first ...
Bleeping Computer

Critical auth bypass bug in CrushFTP now exploited in attacks

Attackers are now targeting a critical authentication bypass vulnerability in the CrushFTP file transfer software using exploits based on publicly available proof-of-concept code. The security ...
Forbes

New Windows Security Bypass Alert For Chrome And Edge Users

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. I first warned Forbes readers of the threat from something ...
Dark Reading

'Conversation Overflow' Cyberattacks Bypass AI Security to Target Execs

A novel cyberattack method dubbed "Conversation Overflow" has surfaced, attempting to get credential-harvesting phishing emails past artificial intelligence (AI)- and machine learning (ML)-enabled ...
Bleeping Computer

Trend Micro fixes critical vulnerabilities in multiple products

Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption ...
Forbes

Yubico Issues Security Advisory As 2FA Bypass Vulnerability Confirmed

Yubico is most likely the first name that comes to mind when you think about two-factor authentication hardware keys and other secure authentication solutions. And for good reason: it has been leading ...
Security Boulevard

From Chatbot to Code Threat: OWASP’s Agentic AI Top 10 and the Specialized Risks of Coding Agents

The rise of autonomous AI Agents – systems that plan, delegate, and execute complex workflows – has fundamentally reshaped the application security landscape. Just yesterday, the OWASP GenAI Security ...