ZDNet

Microsoft: Russian hackers gain powerful 'MagicWeb' authentication bypass

Microsoft has warned that the hacking group behind the 2020 SolarWinds supply chain attack have a new technique for bypassing authentication in corporate networks. The trick, a highly specialized ...
Bleeping Computer

Latest Authentication Bypass news

Threat actors are actively exploiting a critical vulnerability in the Service Finder WordPress theme that allows them to bypass authentication and log in as administrators. Attackers are doubling down ...
Forbes

New 2FA Security Warning—30 Million Authentication Cookies Up For Sale

Update, Dec. 03, 2024: This story, originally published Dec. 02, now updated to reflect the 2FA-bypass security threat beyond Black Friday and Cyber Monday. The busiest period of online shopping, ...
Forbes

2FA Code Warning As Hackers Steal 17 Billion Cookies To Use In Attacks

Two-factor authentication is, without a shadow of a doubt, a necessity given the current threat landscape where infostealers rule supreme. If you are not using passkeys already, then your passwords ...
Bleeping Computer

Hackers exploit authentication bypass in Palo Alto Networks PAN-OS

Hackers are launching attacks against Palo Alto Networks PAN-OS firewalls by exploiting a recently fixed vulnerability (CVE-2025-0108) that allows bypassing authentication. The security issue received ...