Forbes

2FA Code Warning As Hackers Steal 17 Billion Cookies To Use In Attacks

Two-factor authentication is, without a shadow of a doubt, a necessity given the current threat landscape where infostealers rule supreme. If you are not using passkeys already, then your passwords ...
The Hacker News

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...
Bleeping Computer

Critical auth bypass bug in CrushFTP now exploited in attacks

Attackers are now targeting a critical authentication bypass vulnerability in the CrushFTP file transfer software using exploits based on publicly available proof-of-concept code. The security ...
Bleeping Computer

VMware fixes vCenter Server bugs allowing code execution, auth bypass

VMware has addressed multiple high-severity security flaws in vCenter Server, which can let attackers gain code execution and bypass authentication on unpatched systems. vCenter Server is the control ...