Tag: mfa bypass
131 articles

Google scrambles to fix Android bug that lets Gemini bypass lock screen security
Google is racing to squash a newly discovered Android bug that allows sneaky users to bypass lock screen security and send SMS or WhatsApp messages using Gemini, all without entering the device PIN. A fix has already been implemented and is set to roll out this week.

Claude Extension Flaw Exposes AI Actions to Malicious Extensions
A security researcher discovered a vulnerability in Anthropic's Claude browser extension that allows malicious Chrome extensions to trick it into performing predefined AI actions on connected services like Gmail and Google Docs. This flaw could have serious consequences, as it only requires a simple simulated click to launch built-in workflows.

Attackers Exploit Zero-Days in SonicWall Appliances
Cyber attackers are exploiting two zero-day vulnerabilities, CVE-2026-15409 and CVE-2026-15410, in SonicWall appliances, with ransomware attacks seemingly their ultimate goal. Rapid7's team has thwarted attempts at data exfiltration and encryption, but the threat remains.

OkoBot Malware Targets Hardware Wallets with Seed Phrase Phishing
Beware of OkoBot malware, a sneaky threat that's been targeting hardware wallet users since April 2025, tricking hundreds of victims in over 25 countries into divulging their seed phrases through clever phishing tactics. This malicious software can even infiltrate legitimate wallet apps like Ledger and Trezor, replacing their interfaces with fake recovery pages.

Ransomware Attacks Surge Through Compromised Logins
Ransomware attacks are surging, with a staggering 79% of incidents linked to compromised identities and legitimate user logins, making it the most common entry point for hackers. This marks a significant shift away from traditional software flaw exploitation, now accounting for just 18% of initial attacks.

Claude for Chrome Flaw Exposes Gmail, Google Docs to Rogue Extensions
A security flaw in Claude for Chrome could put your Gmail, Google Docs, and Calendar at risk of being accessed by rogue extensions, with researchers rating the vulnerability as high-severity. A simple script with just six lines of code can trick the extension into treating a fake click as a genuine user action.

Phishers Target LastPass, Bitwarden Users with Fake Security Alerts
Beware of fake security alerts! LastPass and Bitwarden users are being targeted by phishers with convincing emails that mimic real corporate communications, trying to trick you into visiting fraudulent websites.

Microsoft Tracks ShinyHunters' Salesforce Data Theft Via OAuth Flaws
Microsoft uncovered a sneaky year-long operation by the ShinyHunters extortion group, who exploited trust in Salesforce's OAuth system to steal sensitive data, using clever vishing tactics to trick employees into granting access to a malicious app. The attackers posed as IT support, convincing victims to authorize a fake Data Loader tool that allowed them to make API calls and search for valuable credentials.

Forg365 Phishing Service Targets Microsoft 365 with Advanced Device Code Theft
Meet Forg365, a sophisticated phishing service that's targeting Microsoft 365 users with advanced device code theft capabilities, offering a disturbingly user-friendly operator panel and a subscription-based model starting at just $400 a month. This illicit toolkit is being sold on Telegram, putting sensitive data at risk with its legitimate email delivery infrastructure and AI-powered email generation.

AI Agents Expose Identity Security Gap
The alarming truth is that security systems, designed with people in mind, are failing to protect against AI agents - and the consequences are stark. A single compromised machine identity can become a gateway to a vast array of sensitive information, as a recent breach involving an OAuth token and hundreds of organizations painfully illustrates.

Hackers Exploit Microsoft Entra Passkey Enrollment in Voice Phishing Attacks
Hackers are using voice phishing attacks to trick Microsoft 365 users into enrolling a new Entra passkey, targeting multiple sectors including food and beverage, technology, and healthcare. They're registering domains with the word "passkey" to convincingly pose as legitimate Microsoft representatives.

Helix Group Exploits SharePoint with Advanced Vishing Tactics
Helix Group hackers are using clever voice phishing tactics, often impersonating managers, to trick victims into handing over account access. They use a simple yet effective playbook, starting with a convincing phone call that sets the stage for a device-code phishing scheme.

Phishing Campaign Targets Microsoft 365 Users with Voice-Based Entra Passkey Scam
Beware of scammers impersonating Microsoft 365, tricking users into enrolling a fake Entra passkey by mimicking the real enrollment portal and leveraging voice calls to urge action. This sneaky phishing campaign has been targeting multiple sectors since April, putting unsuspecting users at risk.

EvilTokens Exposes New Blind Spot in Email Security
A shocking 75.6% of consulting firms were exposed to phishing attacks in 2026, with other industries like financial services, manufacturing, and tech also falling prey to these threats. EvilTokens' ghost phishing campaign uses a sneaky Microsoft Device Code Phishing tactic to trick victims into giving hackers access to their Microsoft 365 accounts.

Microsoft Telemetry Fingers Scattered Spider Suspect in US Crackdown
Microsoft's sharp-eyed telemetry has helped track down a suspect linked to the notorious Scattered Spider group, a prolific gang that allegedly raked in over $100 million in ransom payments by infiltrating more than 100 US company networks.

Meta Disrupts Phishing Campaign Targeting Facebook Business Users
Watch out for phishing scams targeting Facebook Business users - red flags include broken graphics, suspicious links, and unsolicited emails promising exciting opportunities. Experts warn that cybercriminals are getting sneaky, using legitimate-looking emails and Messenger chatbots to trick victims into taking action.

Phishers Exploit Microsoft Device Code Flow to Hijack M365 Accounts
Cyber attackers have cleverly exploited Microsoft's device code login flow to hijack M365 accounts, using a sneaky collaboration-style lure to trick users into handing over session tokens without even needing to steal passwords. This clever tactic abuses the OAuth 2.0 Device Authorization Grant, designed for constrained devices, to bypass security measures like multifactor authentication.

FBI Traces Scattered Spider Hacker via Persistent Windows Device ID
In a brazen ransom email, the attackers boldly declared, "IMPORTANT: WE STOLE THE DATA, CONTACT UMMEDIATELY," leaving no doubt about their malicious intentions. The hackers infiltrated the retailer's network through a clever help-desk ploy, tricking staff into resetting passwords and gaining control of critical accounts.

Google Sues Chinese Scammers Over Gemini AI Misuse
Google is taking a stand against scammers, suing a group called Outsider Enterprise that uses its Gemini AI feature to create fake websites and scam people through text messages. The group, which operates on Telegram, offers phishing-as-a-service, making it easy for non-tech-savvy scammers to target victims.

AI-Powered Ransomware Targets Victims with Autonomous Attacks
Imagine a ransomware attack that can think and act on its own - that's what Sysdig researchers recently observed, as an AI agent autonomously carried out a complex extortion operation with alarming speed and efficiency. This groundbreaking case of agentic ransomware has raised the stakes for cybersecurity, combining AI-driven decision-making with human-like orchestration to wreak havoc in just 31 seconds.

Microsoft Teams Abused to Deploy EtherRAT Malware via Fake IT Support Calls
Beware of fake IT support calls on Microsoft Teams - hackers are using convincing tactics, including a phishing email with a malicious PDF, to trick victims into downloading the potent EtherRAT malware. They impersonate system administrators to gain your trust, making it crucial to stay vigilant.

Phishing Campaign Targets Google Accounts with Fake Job Interviews
Beware of fake job interviews that could be phishing scams! A clever new campaign is targeting marketing pros with emails that appear to be from recruiters, aiming to trick them into handing over their Google account credentials.

Microsoft Warns of Device Code Phishing Attacks via Legitimate Website
Beware of device code phishing attacks that can trick you into giving away access to your accounts, even on legitimate websites. Hackers are using a clever tactic that exploits Microsoft's authentication endpoint to steal your credentials.

Microsoft 365 Accounts Targeted in 3-Second Hijacking Attacks
Beware of a sneaky 3-second hack that can hijack your Microsoft 365 account with just a click - it starts with a harmless-looking link that tricks you into executing the attack yourself. This clever tactic, known as ClickFix, exploits a simple human reflex to gain control of your account.