Topic: multi-factor authentication bypass

  • Patch Alert: CitrixBleed 2 Still a Threat (CVE-2025-5777)

    A critical vulnerability (CVE-2025-5777) in Citrix NetScaler systems is being exploited, enabling session hijacking and unauthorized access despite Citrix's denial of confirmed attacks. The flaw allows attackers to extract session tokens via manipulated login requests, potentially compromising ad...

  • Scattered Spider Attacks: 3 Crucial Lessons for Insurance Firms

    Insurance companies are increasingly targeted by cybercriminals like Scattered Spider, exploiting weak identity security and help desk procedures to breach major insurers such as Aflac and Erie Insurance. Scattered Spider uses impersonation and social engineering to bypass multi-factor authentica...

  • 1,200+ Citrix servers vulnerable to critical auth bypass flaw

    Over 1,200 Citrix NetScaler systems remain vulnerable to CVE-2025-5777, a severe authentication bypass flaw enabling session hijacking and MFA bypass, with potential active exploitation despite Citrix's denial. The flaw, dubbed "Citrix Bleed 2," allows attackers to steal session tokens and creden...

  • Microsoft SaaS Vulnerability Exposed Apps for 2 Years

    A critical security flaw in Microsoft’s Entra ID, called nOAuth, has exposed thousands of enterprise applications for two years, allowing unauthorized access to sensitive data by exploiting unverified email claims. The vulnerability bypasses security measures like MFA and Zero Trust, affecting ov...
