Tag: authentication
-
Hackers Abuse Apple PayPal Invoice Emails in DKIM Replay Attack Campaign
A sophisticated way to bypass email security by weaponizing legitimate messages from trusted companies like Apple and PayPal. These attacks, known as DKIM replay attacks, exploit email authentication systems to deliver scams that appear completely authentic. The technique is deceptively simple. Attackers create accounts on platforms like Apple’s App Store or PayPal and manipulate user-controlled…
-
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution. “BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability,” the company First seen on…
-
New Telegram Phishing Scam Hijacks Login Flow to Steal Fully Authorized User Sessions
A new and sophisticated Telegram phishing operation is active in the wild, targeting users globally by hijacking the platform’s legitimate authentication features. Unlike traditional phishing, which often relies on malware or cloning login pages to steal passwords, this campaign integrates directly with Telegram’s official infrastructure. The attackers register their own Telegram API credentials (api_id and api_hash) and…
-
Banks Face Dual Authentication Crisis From AI Agents
Experts Advise Moving From Verifying Identities to Knowing Agent Intentions. Financial institutions are rushing to deploy AI agents capable of autonomously initiating transactions, approving payments and freezing accounts in real time. But agents are creating a dual authentication crisis that traditional security frameworks cannot address. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/banks-face-dual-authentication-crisis-from-ai-agents-a-30711
-
Moltbook Gave Everyone Control of Every AI Agent
Database Misconfiguration Exposed 1.5 million API Tokens. A misconfigured database at Moltbook, the viral social network for AI agents, exposed 1.5 million API authentication tokens, 35,000 email addresses, and private messages. Security researchers discovered unauthenticated read and write access to all platform data within days of launch. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/moltbook-gave-everyone-control-every-ai-agent-a-30710
-
CISA gives federal agencies 18 months to purge unsupported edge devices
Tags: authentication, cisa, cyber, data, exploit, firmware, Hardware, infrastructure, monitoring, network, risk, risk-assessment, service, software, technology, threat, update
Implementation hurdles: Sunil Varkey, advisor at Beagle Security, warns of implementation complexities. “The operational reality of removing legacy systems is not straightforward,” Varkey said. “Legacy devices continue to exist not by design, but by necessity.” He pointed to orphaned systems that remain live and embedded in workflows but lack clear ownership, and operational technology environments where…
-
Four new vulnerabilities found in Ingress NGINX
Tags: access, api, authentication, container, cve, cybersecurity, data, exploit, group, injection, jobs, kubernetes, malicious, risk, service, strategy, vulnerability
custom-errors configuration that includes HTTP errors 401 or 403, and if the configured default custom-errors backend is defective and fails to respect the X-Code HTTP header, then an Ingress with the auth-url annotation may be accessed even when authentication fails. CVE-2026-24512 is a configuration injection vulnerability where the rules.http.paths.path Ingress field can be used to inject configuration into nginx.…
-
Microsoft Urges Users to Finally Ditch NTLM Authentication
Seeking to Add Urgency, Mandiant Publishes Rainbow Tables for NTLM Key Hashes. For nearly 30 years, security experts have warned organizations to ditch the weak NTLM authentication protocol in Windows. But its use persists, even amidst easy and active exploits. Now Google has published rainbow tables for NTLMv1. Will this finally drive holdout organizations to…
-
Go 1.25.7 and Go 1.24.13 Released With Patches for Multiple Security Vulnerabilities
The Go team has officially released versions 1.25.7 and 1.24.13. These minor point releases address two distinct security vulnerabilities affecting the cmd/cgo command and the crypto/tls library. The updates are recommended for all users to prevent potential code smuggling and authentication bypass scenarios. Overview of the Vulnerability cmd/cgo: Code Smuggling via Comment Parsing The first vulnerability, tracked as CVE-2025-61732, affects the cmd/cgo tool, which enables…
-
Orchid Security Introduces Continuous Identity Observability for Enterprise Applications
An innovative approach to discovering, analyzing, and governing identity usage beyond traditional IAM controls. The Challenge: Identity Lives Outside the Identity Stack. Identity and access management tools were built to govern users and directories. Modern enterprises run on applications. Over time, identity logic has moved into application code, APIs, service accounts, and custom authentication First seen on thehackernews.com…
-
Zero trust in practice: A deep technical dive into going fully passwordless in hybrid enterprise environments
Tags: access, attack, authentication, backup, breach, business, cloud, compliance, credentials, cybersecurity, data, endpoint, group, Hardware, identity, infrastructure, lessons-learned, network, password, phishing, phone, risk, service, technology, update, windows, zero-trust
Architecture decisions: Hybrid authentication flows and Windows Hello for Business: Once your prerequisites are in place, you face critical architectural decisions that will shape your deployment for years to come. The primary decision point is whether to use Windows Hello for Business, FIDO2 security keys or phone sign-in as your primary authentication mechanism. In my experience,…
-
Hackers Exfiltrate NTDS.dit File, Gain Full Control of Active Directory Environments
Active Directory serves as the central repository for an organization’s authentication infrastructure, making it a prime target for sophisticated threat actors. The NTDS.dit database, which stores encrypted password hashes and critical domain configuration data, is the crown jewel of enterprise security. Successful acquisition of this file can lead to complete organizational compromise, enabling attackers to…
-
Microsoft Takes Major Security Step by Disabling NTLM Authentication by Default
Microsoft is making a significant move to strengthen Windows security by phasing out NTLM (New Technology LAN Manager). This legacy authentication protocol has been part of Windows for over 30 years. The company plans to disable NTLM by default in upcoming Windows releases, replacing it with more secure Kerberos-based alternatives. NTLM is an old authentication…
-
Enabling and Securing Basic Authentication: A Comprehensive Guide
Learn how to enable and secure basic authentication for enterprise systems. Guide covers TLS encryption, credential hygiene, and SSO migration for CTOs. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/enabling-and-securing-basic-authentication-a-comprehensive-guide/
-
The Future of Single Sign-on: Insights for 2025
Explore the evolution of Enterprise SSO and CIAM in 2025. Insights on SAML, passwordless authentication, and developer-first IAM solutions for CTOs. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/the-future-of-single-sign-on-insights-for-2025/
-
Product showcase: 2FAS Auth Free, open-source 2FA for iOS
Online accounts usually rely on a password, but passwords alone can be weak if they’re reused, easily guessed, or stolen. Two-factor authentication (2FA) adds a second layer … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/03/product-showcase-2fas-auth-free-open-source-2fa-ios/
-
New phishing attack leverages PDFs and Dropbox
Masquerading as a safe document format: But after so many warnings about this over time, why are people still so trusting of PDFs and Dropbox? “Because, historically, they’ve actually been trained to be,” said Avakian. PDFs are routinely used in the business world and have been positioned as a safe, read-only document format for invoices, contracts,…
-
NSA Tells Feds: Zero Trust Must Go Beyond Login
New NSA Guidance Demands Continuous Access Checks, Implementation Overhaul. The National Security Agency’s new zero trust guidance instructs agencies to move beyond login-based security by continuously assessing user behavior and app-layer activity in real time, aiming to close gaps that allow post-authentication abuse and elevate federal defenses against modern threats. First seen on govinfosecurity.com Jump…
-
Hanging Up on ShinyHunters: Experts Detail Vishing Defenses
Sophisticated Voice Phishing Campaigns Don’t Exploit Any Software Vulnerabilities. Amidst persistent voice phishing campaigns designed to trick employees and steal sensitive corporate data, security experts recommend organizations deploy phishing-resistant multifactor authentication, monitor for attacks and use live video verification to safeguard authentication changes. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hanging-up-on-shinyhunters-experts-detail-vishing-defenses-a-30657
-
ShinyHunters flip the script on MFA in new data theft attacks
Multi-factor authentication (MFA) is supposed to defend against phishing attacks, but threat actors operating under the ShinyHunters banner are using it as a pretext in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/02/shinyhunters-mfa-social-engineering/
-
Microsoft sets a path to switch off NTLM across Windows
Windows is shifting to a more secure authentication approach, moving away from New Technology LAN Manager (NTLM) and toward stronger, Kerberos-based options. NTLM has been … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/02/microsoft-windows-ntlm-disabling/
-
Hackers Target MongoDB Instances to Delete Databases and Plant Ransom Notes
Tags: attack, authentication, cyber, data-breach, exploit, extortion, hacker, Internet, ransom, ransomware, threat
A widespread ransomware campaign targeting misconfigured MongoDB databases continues to compromise thousands of servers worldwide, with attackers exploiting internet-exposed instances that lack basic authentication controls. Recent research reveals that opportunistic threat actors are leveraging automated scripts to wipe databases and demand Bitcoin ransoms, turning configuration negligence into a scalable extortion operation. Attack Resurfaces After Years…
-
1-Click Flaw in ClawDBot Allows Remote Code Execution
A high-severity authentication bypass vulnerability has been discovered in ClawDBot, a popular npm package, enabling attackers to achieve remote code execution through a single malicious link. The flaw stems from the insufficient validation of the gateway URL parameter, combined with automatic connection behaviour that exposes authentication tokens to unauthorised actors. Vulnerability Overview The vulnerability, identified…
-
Google Uncovers Major Expansion in ShinyHunters Threat Activity Using New Tactics
Tags: authentication, corporate, credentials, cyber, cybercrime, extortion, google, identity, mfa, phishing, service, software, tactics, threat
A substantial expansion in cybercrime operations using tactics consistent with ShinyHunters-branded extortion campaigns. These sophisticated operations employ advanced voice phishing (vishing) and victim-branded credential harvesting websites to compromise corporate environments by stealing single sign-on (SSO) credentials and multi-factor authentication (MFA) codes. While the methodology of targeting identity providers and Software-as-a-Service (SaaS) platforms remains consistent with…
-
Mandiant details how ShinyHunters abuse SSO to steal cloud data
Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) credentials and multi-factor authentication (MFA) codes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mandiant-details-how-shinyhunters-abuse-sso-to-steal-cloud-data/
-
Metasploit Update Introduces 7 Exploit Modules Affecting Popular Enterprise Platforms
A significant Metasploit Framework update (version 6.4.111) featuring seven new exploit modules that target critical vulnerabilities across widely deployed enterprise systems. This release demonstrates the increasing sophistication of attack chains leveraging authentication bypass vulnerabilities chained with subsequent code execution techniques. FreePBX Vulnerability Chain Takes Center Stage Rapid7 introduces three specialized modules targeting FreePBX, a popular…
-
The Complete Guide to Authentication Implementation for Modern Applications
A comprehensive developer guide to implementing secure authentication in modern applications. Covers OAuth 2.0, OIDC, passwordless authentication, passkeys, and enterprise SSO with production-ready code examples. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/the-complete-guide-to-authentication-implementation-for-modern-applications/

