The Hacker News

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

Starkiller phishing suite uses live reverse proxying to bypass MFA, while attackers abuse OAuth device codes to hijack Microsoft 365 accounts.
Forbes

New 2FA Security Warning—30 Million Authentication Cookies Up For Sale

Update, Dec. 03, 2024: This story, originally published Dec. 02, now updated to reflect the 2FA-bypass security threat beyond Black Friday and Cyber Monday. The busiest period of online shopping, ...
Dark Reading

Patch Now: CISA Warns of Palo Alto Flaw Exploited in the Wild

Attackers are actively exploiting an authentication bypass flaw found in the Palo Alto Networks PAN-OS software that lets an unauthenticated attacker bypass authentication of that interface and invoke ...
Bleeping Computer

Cisco warns of auth bypass bug with public exploit in EoL routers

Cisco warned customers today of a critical authentication bypass vulnerability with public exploit code affecting multiple end-of-life (EoL) VPN routers. It is caused by improper validation of user ...
Forbes

Yubico Issues Security Advisory As 2FA Bypass Vulnerability Confirmed

Yubico is most likely the first name that comes to mind when you think about two-factor authentication hardware keys and other secure authentication solutions. And for good reason: it has been leading ...