Tag: authentication
-
Metasploit Update Introduces 7 Exploit Modules Affecting Popular Enterprise Platforms
A significant Metasploit Framework update (version 6.4.111) features seven new exploit modules that target critical vulnerabilities across widely deployed enterprise systems. This release demonstrates the increasing sophistication of attack chains leveraging authentication bypass vulnerabilities chained with subsequent code execution techniques. FreePBX Vulnerability Chain Takes Center Stage: Rapid7 introduces three specialized modules targeting FreePBX, a popular…
-
Microsoft to disable NTLM by default in future Windows releases
Microsoft announced that it will disable the 30-year-old NTLM authentication protocol by default in upcoming Windows releases due to security vulnerabilities that expose organizations to cyberattacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-to-disable-ntlm-by-default-in-future-windows-releases/
-
The Complete Guide to Authentication Implementation for Modern Applications
A comprehensive developer guide to implementing secure authentication in modern applications. Covers OAuth 2.0, OIDC, passwordless authentication, passkeys, and enterprise SSO with production-ready code examples. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/the-complete-guide-to-authentication-implementation-for-modern-applications/
-
Cisco sees vulnerability exploitation top phishing in Q4
The company’s recommendations included monitoring for abuses of multifactor authentication, a growing threat to the enterprise. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-threat-report-exploitation-phishing/810977/
-
Over 200 Magento Stores Compromised In Rootkit Rampage via Zero-Day Exploit
A dangerous wave of attacks is exploiting CVE-2025-54236, dubbed “SessionReaper,” in Magento e-commerce platforms. This vulnerability lets attackers bypass authentication by reusing invalid session tokens, paving the way for session hijacking and full server takeovers. Researchers uncovered multiple intrusion campaigns hitting Magento sites worldwide, with over 200 stores suffering root-level compromises. In the most alarming incident,…
-
Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access
Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored content. It was uploaded to the Chrome First…
-
Hugging Face infra abused to spread Android RAT in a large-scale malware campaign
Abuse through smart hosting: Hugging Face is a go-to platform for developers hosting machine learning models, datasets, and tooling. According to Bitdefender, the resource is now being leveraged to mask malicious downloads amidst legitimate activity. While the platform uses ClamAV scanning on uploads, these controls currently fall short of filtering out cleverly disguised malware repositories,…
-
Why Passwordless Authentication Is Critical for Online Learning Student Services
Passwordless authentication reduces risk and friction in online learning. See how passwordless login protects accounts, boosts access, and supports student services. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/why-passwordless-authentication-is-critical-for-online-learning-student-services/
-
Are Passkeys Safely Synced Across Multiple Devices?
Explore the security of passkey synchronization. Learn how end-to-end encryption and cloud providers keep passwordless authentication secure across devices. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/are-passkeys-safely-synced-across-multiple-devices/
-
SolarWinds addressed four critical Web Help Desk flaws
SolarWinds patched six Web Help Desk vulnerabilities, including four critical flaws exploitable without authentication for RCE or auth bypass. SolarWinds released security updates to address six Web Help Desk vulnerabilities, including four critical bugs that allow unauthenticated remote code execution or authentication bypass. The three critical flaws found by watchTowr, and specifically by researcher Piotr…
-
CISA, security researchers warn FortiCloud SSO flaw is under attack
The exploitation activity comes weeks after a similar authentication bypass vulnerability was found. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-researchers-warn-forticloud-flaw-attack/810861/
-
Google rolls out Android theft protection feature updates
Google has introduced stronger Android authentication safeguards and enhanced recovery tools to make smartphones more challenging targets for thieves. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-rolls-out-android-theft-protection-feature-updates/
-
75% of Organisations Have Gaps in Core Security Controls, Research Finds
New research by Nagomi Security has revealed an alarming disconnect between how secure organisations think they are, compared to where real exposure exists. This overconfidence, as explored in Nagomi’s The Illusion of Maturity: 2026 Enterprise Exposure Snapshot, means that organisations are facing overlapping exposure within their networks, potentially putting them at significant risk. Notably, incomplete multi-factor authentication…
-
SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass
SolarWinds has released security updates to address multiple security vulnerabilities impacting SolarWinds Web Help Desk, including four critical vulnerabilities that could result in authentication bypass and remote code execution (RCE). The list of vulnerabilities is as follows - CVE-2025-40536 (CVSS score: 8.1) – A security control bypass vulnerability that could allow an unauthenticated First seen on thehackernews.com…
-
Crooks are hijacking and reselling AI infrastructure: Report
Tags: access, ai, api, attack, authentication, business, cloud, communications, control, credentials, cybersecurity, data, data-breach, endpoint, exploit, firewall, group, infosec, infrastructure, intelligence, Internet, LLM, malicious, marketplace, risk, service, skills, technology, theft, threat, training, vulnerability
exposed endpoints on default ports of common LLM inference services; unauthenticated API access without proper access controls; development/staging environments with public IP addresses; MCP servers connecting LLMs to file systems, databases and internal APIs. Common misconfigurations leveraged by these threat actors include: Ollama running on port 11434 without authentication; OpenAI-compatible APIs on port 8000 exposed to the internet; MCP servers accessible without…
-
What is SAML and how does SAML Authentication Work?
Tags: authentication
Deep dive into SAML 2.0 architecture for enterprise SSO. Learn how IdPs and SPs exchange XML assertions for secure B2B authentication and CIAM. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/what-is-saml-and-how-does-saml-authentication-work/
-
SolarWinds, again: Critical RCE bugs reopen old wounds for enterprise security teams
Tags: access, attack, authentication, awareness, breach, cisco, control, credentials, cve, cybersecurity, data, exploit, flaw, fortinet, infrastructure, malicious, programming, radius, rce, remote-code-execution, software, threat, update, vulnerability
Remote code execution and data deserialization vulnerabilities CVE-2025-40551 (critical) and CVE-2025-40553 (critical); Authentication and bypass security flaws CVE-2025-40552 (critical), CVE-2025-40554 (critical), CVE-2025-40536 (high), and CVE-2025-40537 (high). CVE-2025-40551 and CVE-2025-40553 make WHD susceptible to untrusted data deserialization that could allow attackers to run commands on the host machine. The flaw could be exploited without authentication. The other two critical…
-
Fortinet Confirms New Zero-Day Behind Malicious SSO Logins
To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single sign-on (SSO) authentication for all devices. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/fortinet-new-zero-day-malicious-sso-logins
-
When MFA Fails Quietly: Inside the Rise of AiTM Phishing Attacks
Multi-factor authentication has long been treated as a security finish line. Once enabled, organizations assume that account takeover risks drop dramatically. Recent attacker behavior suggests otherwise. New reporting details a growing wave of adversary-in-the-middle (AiTM) phishing campaigns that are specifically designed to bypass MFA by hijacking authentication sessions in real time, according to IT Pro.…
-
Fortinet patches actively exploited FortiOS SSO auth bypass (CVE-2026-24858)
Fortinet released fixes for a critical FortiOS SSO auth bypass (CVE-2026-24858) actively exploited, impacting FortiOS, FortiManager, and FortiAnalyzer. Fortinet started rolling out patches for a critical FortiOS flaw under active attack. The bug, CVE-2026-24858 (CVSS score of 9.4), lets attackers bypass authentication via SSO. It affects FortiOS, FortiManager, and FortiAnalyzer, while Fortinet checks if other…
-
Stop Staring at JSON: How GenAI is Solving the API “Context Crisis”
Tags: ai, api, attack, authentication, banking, business, credentials, credit-card, data, endpoint, governance, mobile, organized, risk, soc, threat, tool
There is a moment that happens in every SOC (Security Operations Center) every day. An alert fires. An analyst looks at a dashboard and sees a URL: POST /vs/payments/proc/77a. And then they stop. They stare. And they ask the question that kills productivity: “What does this thing actually do?” Is it a critical payment gateway?…
-
SolarWinds warns of critical Web Help Desk RCE, auth bypass flaws
SolarWinds has released security updates to patch critical authentication bypass and remote command execution vulnerabilities in its Web Help Desk IT help desk software. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/solarwinds-warns-of-critical-web-help-desk-rce-auth-bypass-flaws/
-
Microsoft Exchange Online to End Support for SMTP AUTH Basic Authentication
Microsoft has announced a revised deprecation timeline for SMTP AUTH Basic Authentication in Exchange Online, giving organizations an extended runway to modernize legacy email workflows. The updated schedule reflects customer feedback and adoption challenges, providing clearer milestones through 2027 before the authentication method is permanently retired. The new deprecation roadmap addresses real-world implementation barriers facing…
-
Critical FortiCloud SSO zero-day forces emergency service disablement at Fortinet
Attack details and indicators: Fortinet’s investigation into the exploitation revealed attackers used two specific FortiCloud accounts: “cloud-noc@mail.io” and “cloud-init@mail.io,” though the company warned “these addresses may change in the future.” Fortinet identified multiple IP addresses associated with the attacks, including several Cloudflare-protected addresses that attackers used to obscure their activities. “Following authentication via SSO, it has been…
-
Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected
Fortinet has begun releasing security updates to address a critical flaw impacting FortiOS that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-24858 (CVSS score: 9.4), has been described as an authentication bypass related to FortiOS single sign-on (SSO). The flaw also affects FortiManager and FortiAnalyzer. The company said it’s…
-
Fortinet blocks exploited FortiCloud SSO zero day until patch is ready
Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks by blocking FortiCloud SSO connections from devices running vulnerable firmware versions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fortinet-blocks-exploited-forticloud-sso-zero-day-until-patch-is-ready/

