Tag: authentication bypass
87 articles

Polyfill Compromise Targets Major Websites with Rogue Login Prompts
Major websites, including Toshiba and Muji, have been compromised by a rogue login prompt scam through polyfill.io, tricking visitors into entering sensitive information. If you encountered the fake sign-in screen, be sure to cancel and change your password to protect your account.

Unpatched Windows Search Flaw Exposes User Hashes
A newly discovered vulnerability in Windows' search feature can be exploited to steal user passwords, allowing hackers to gain access to sensitive information. By simply clicking on a malicious link, a user's login credentials can be exposed to attackers.

Dashlane Exposes Brute-Force Attack on User Accounts
Dashlane recently alerted a small group of users, fewer than 20, that an external threat actor had launched a brute-force attack on their accounts, attempting to bypass two-factor authentication and gain unauthorized access. The company quickly sprang into action, notifying affected users and taking steps to protect their accounts.

Cyberattacks Accelerate as AI Lowers Bar for Threat Actors
Defaults and automation are handing attackers cheap, fast entry points, making it alarmingly easy for them to wreak havoc - just like in the case of Gogs, where open registration and unlimited repository creation allow unauthenticated attackers to create an account and repository with ease. This vulnerability is being exploited, along with a critical authentication bypass flaw in PAN-OS and Prisma Access, underscoring the urgent need for heightened cybersecurity measures.

Palo Alto VPN Bug Sees Active Exploitation
Security experts at Rapid7 have confirmed that hackers are actively exploiting a critical authentication bypass flaw in Palo Alto Networks' VPN, putting PAN-OS users at risk of targeted attacks. This urgent development means users must patch their systems ASAP to prevent exploitation.

Dashlane Disrupts Service Amid Brute-Force Attacks
Dashlane recently took swift action to protect its users, suspending customer accounts in response to a surge of brute-force attacks that triggered the company's automatic defenses, putting engineers' weekends on hold. This decisive move showcases the password manager's commitment to safeguarding user security.

Palo Alto Networks Warns of Active Exploitation of High-Severity VPN Bug
Palo Alto Networks has issued a warning about active exploitation of a high-severity VPN bug, urging users to patch their systems ASAP to avoid falling prey to potential security breaches. The vulnerability, CVE-2026-0257, allows attackers to bypass security restrictions and establish unauthorized VPN connections.

Hackers Exploit Palo Alto GlobalProtect VPN Auth Bypass Flaw in Attacks
Hackers are actively exploiting a critical flaw in Palo Alto's GlobalProtect VPN, known as CVE-2026-0257, to gain unauthorized access to corporate networks. This alarming vulnerability allows attackers to bypass security restrictions and establish fake VPN connections.

Palo Alto Networks Warns of Active Exploitation of GlobalProtect Flaw
Palo Alto Networks has issued a warning about a critical GlobalProtect flaw, CVE-2026-0257, that is being actively exploited, allowing attackers to bypass security restrictions and establish unauthorized VPN connections. This vulnerability affects specific PAN-OS and Prisma Access deployments with certain configurations.

Gogs Vulnerability Exposes Remote Code Execution Risk
A newly discovered vulnerability in Gogs puts servers at risk of remote code execution, allowing any authenticated user to inject malicious code through a simple pull request. By crafting a malicious branch name, attackers can exploit the --exec flag in git rebase to run unauthorized shell commands.

Cisco Exposes New Zero-Auth Vulnerability in Secure Workload Platform
Cisco has uncovered a critical zero-auth vulnerability in its Secure Workload platform, allowing attackers to access sensitive information and make configuration changes with alarming ease and admin-level privileges. This severe flaw, scoring a perfect 10.0 on the CVSS scale, demands immediate attention to prevent exploitation.

Cisco SD-WAN Zero-Day Exploited for Admin Access
A critical zero-day vulnerability, CVE-2026-20182, has been exploited in Cisco SD-WAN, allowing hackers to gain unrestricted administrative control with a severity score of 10 on the CVSS scale. This flaw enables unauthenticated attackers to manipulate network configurations and take control of Cisco Catalyst SD-WAN Controller with ease.

Cisco Zero-Day Exploited in Ongoing Attacks by Persistent Threat Group
A newly discovered Cisco zero-day vulnerability, CVE-2026-20182, is being exploited in ongoing attacks, allowing threat actors to gain the highest administrative access to a network controller, essentially handing them a master key to wreak havoc. This max-severity flaw has sparked a race against time for Cisco customers and national cyber authorities to contain the damage.

CISA Flags Cisco SD-WAN Vulnerability as Exploited
CISA has flagged a critical Cisco SD-WAN vulnerability, CVE-2026-20182, as exploited, giving federal agencies until May 17, 2026, to patch the authentication bypass flaw that could grant hackers administrative privileges. This vulnerability, scoring 10.0 on the CVSS scale, is now a top priority for remediation.

Hackers exploit auth flaw in Burst Statistics WordPress plugin
A critical bug in the Burst Statistics WordPress plugin, affecting 200,000 sites, allows hackers to impersonate administrators and gain unauthorized access. This alarming vulnerability, already showing signs of exploitation, puts countless websites at risk.

Cisco SD-WAN Flaw Exploited in Zero-Day Attacks
A critical vulnerability in Cisco's SD-WAN system is being actively exploited, allowing attackers to bypass authentication and gain unauthorized access. This high-risk flaw, tracked as CVE-2026-20182, affects both on-prem and cloud deployments of Cisco Catalyst SD-WAN products.

Cisco SD-WAN Flaw Actively Exploited for Admin Access
Cisco is urging customers to update their SD-WAN systems immediately due to a critical vulnerability that allows hackers to bypass authentication and gain admin access. This high-severity flaw, already being exploited, could put your entire system at risk if left unpatched.

Threat Actors Exploit PraisonAI Auth Bypass Within Hours of Disclosure
Within hours of a security flaw being disclosed, threat actors were exploiting it - a stark reminder of the risks of a legacy Flask API server that ships with authentication disabled by default. This gaping hole allowed attackers to access sensitive endpoints and trigger workflows without a token, putting systems at risk.

cPanel Flaw Exploited to Deploy Filemanager Backdoor
Over 2,000 attacker source IPs worldwide are currently involved in automated attacks exploiting a critical cPanel vulnerability, CVE-2026-41940, which allows remote attackers to gain elevated control and deploy malicious backdoors. This flaw has been targeted by multiple actors for a range of malicious outcomes, including cryptocurrency mining and ransomware.

Active Directory Breaches Persist After Password Resets
Resetting passwords isn't enough to keep hackers at bay, especially in Active Directory environments where cached credentials and sync delays can leave gaping security holes. Even after a password reset, attackers can still find ways to exploit outdated credentials and gain unauthorized access.

AI Infrastructure Exposes Widespread Security Gaps
A staggering 2 million hosts and 1 million exposed services were uncovered through a simple scan of certificate transparency logs, revealing alarming security gaps in AI infrastructure. The findings painted a concerning picture: most AI projects lack even basic authentication, leaving them vulnerable to exploitation.

Progress Patches MOVEit Automation Flaw Enabling Authentication Bypass
Progress Software has patched critical vulnerabilities in MOVEit Automation, including an authentication bypass flaw rated CVSS 9.8, that could allow hackers to gain unauthorized access and control. The update fixes CVE-2026-4670 and CVE-2026-5174, protecting users from potential data exposure and administrative takeover.

Cybercrime Groups Exploit AI for Rapid, High-Impact Attacks
Cybercrime groups are leveraging AI to launch lightning-fast, high-impact attacks, outpacing security patches and leaving devastating consequences in their wake. This week, a critical vulnerability in cPanel and WHM was exploited, leading to website wipes, botnet deployments, and ransomware attacks.

Progress Warns of MOVEit Automation Authentication Bypass Flaw
Progress Software has patched a critical authentication-bypass flaw in its MOVEit Automation product, and is strongly urging users to upgrade to the latest version to avoid low-complexity attacks by remote threat actors. Upgrading to version 2025.1.5, 2025.0.9, or 2024.1.8 and above will fix the vulnerability.