Skip to main content

Tag: mfa bypass

131 articles

Office worker sits at desk with laptop, surrounded by papers, with a concerned expression.

Browser-Based Phishing Attacks Evade Detection by Cybersecurity Software

Most cybersecurity tools are doing their job - but that's exactly the problem, as they're not designed to catch attacks that occur at the browser session layer, where attackers are now hiding. One in five phishing attacks on enterprise browsers slip through undetected, according to Menlo Security's latest report.

Analyst 207
Laptop in office setting with remote access VPN connection setup, hinting at security vulnerability.

Check Point Discloses Zero-Day Auth Bypass Bug Under Active Exploitation

A critical authentication flaw, CVE-2026-50751, has been discovered in Check Point's Remote Access VPN and Mobile Access solutions, allowing attackers to bypass user authentication and establish a remote access VPN connection without a valid password. This severe vulnerability, scoring 9.3 on the CVSS scale, affects deployments using the outdated IKEv1 key exchange protocol.

Analyst 207
Threat Actors Exploit Microsoft Teams for Phishing Attacks

Threat Actors Exploit Microsoft Teams for Phishing Attacks

Phishing attacks are getting smarter, with threat actors now using trusted platforms like Microsoft Teams to target unsuspecting employees, accounting for 42% of all phishing alerts in just the first four months of 2026. These sneaky messages can land directly in your feed, masquerade as internal IT support, and trick you into taking action with alarming ease.

Analyst 207
Network operations center with a laptop showing a blurred VPN configuration screen amidst office equipment.

CISA Mandates Patching of Exploited Check Point VPN Bug

A critical vulnerability in Check Point VPNs, known as CVE-2026-50751, has been exploited in dozens of organizations worldwide, with one incident linked to Qilin ransomware. This bug allows hackers to bypass authentication and establish remote access, putting targeted organizations at risk.

Analyst 207
Remote access VPN setup with laptop and router in foreground and blurred office background.

Check Point Discloses Zero-Day Flaw Exploited by Ransomware Groups

Check Point has uncovered a zero-day flaw, CVE-2026-50751, that allowed ransomware groups to exploit a critical authentication bypass in Remote Access and Mobile Access deployments, prompting an emergency fix. The vulnerability enabled attackers to establish a remote access VPN connection without proper authentication.

Analyst 207
Network equipment and router setup in a data center or network operations room.

Check Point Exposes VPN Zero-Day Link to Qilin Ransomware Gang

A critical VPN vulnerability, CVE-2026-50751, has been exploited in attacks linked to the notorious Qilin ransomware gang, affecting a handful of organizations worldwide. Check Point has released security updates to patch this authentication bypass flaw in its legacy Remote Access and Mobile Access deployments.

Analyst 207
Smartphone with Instagram login screen on display, set against a blurred cityscape background.

Meta AI Flaw Compromises 20,000 Instagram Accounts

A bug in Meta's AI-powered support feature, High Touch Support, allowed outsiders to access nearly 20,000 Instagram accounts by exploiting a flaw that failed to verify email addresses for password reset requests. This oversight enabled hackers to bypass security checks and gain unauthorized account access.

Analyst 207
Smartphone on a neutral surface with blurred cityscape or office background.

Meta Exposes Flaw in AI Support System Used to Hijack 20,000 Instagram Accounts

Meta revealed that over 20,000 Instagram accounts were hijacked after attackers exploited a vulnerability in its AI-powered support system, allowing them to reset passwords and gain unauthorized access. The flaw was found in a system called High Touch Support, an AI-assisted account recovery tool designed to help users regain control of their accounts.

Analyst 207
Helpdesk workers surrounded by cubicles, phones, and fluorescent lighting, with an atmosphere of unease and vulnerability.

Ransomware Gang Pink Exploits Helpdesk Calls to Steal Credentials

Meet Pink, a notorious ransomware gang that's exploiting helpdesk calls to steal sensitive credentials using clever tactics like vishing and IT impersonation. They're using these stolen secrets to exfiltrate valuable data from enterprise cloud storage and productivity systems, leaving victims with a tough choice: pay up or face the consequences.

Analyst 207
Brightly-lit office setting with computer workstation in foreground and blurred screen.

Multiple Breaches Expose Sensitive Data Across Industries

Sensitive data has been compromised across various industries in a series of alarming breaches, including a clever social engineering scam that exposed info of 6 million Carnival Corporation customers and two incidents involving learning management company Instructure's Canvas platform. These breaches highlight the growing threat of cyber attacks and the importance of robust data protection measures.

Analyst 207
Smartphone on a neutral surface with a blurred mobile app interface and a hint of a cityscape through a nearby window.

Microsoft 365 Android Apps Expose Account Tokens Due to Debug Flag Oversight

A single line of code, "setIsDebugMode(true)," inadvertently left in multiple Microsoft 365 Android apps, created a gaping security hole that allowed other apps on the same phone to access sensitive account tokens without user permission. This tiny oversight, discovered by Enclave's Yanir Tsarimi and Ofek Levin, exposed users to potential security risks.

Analyst 207
Laptop screen shows a browser window with a webpage, set against a blurred office or city background.

Browser Becomes Front Line in AI Security Battle

The battle for AI security is heating up, and the browser has become the front line - with security teams facing a double threat of AI-powered attacks converging in this critical space. Attackers are leveraging AI to supercharge phishing techniques, including device code phishing kits that have surged 18x in just one year.

Analyst 207

Meta AI Exploited to Hijack High-Value Instagram Accounts

A shocking security breach has hit Instagram, where hackers exploited Meta's AI-powered support system to hijack high-value accounts, leaving users helpless and zero humans in the loop to fix the issue. Attackers cleverly tricked Meta's AI into thinking they were the legitimate owners by using an AI-generated video, bypassing automated checks and taking control of rare or valuable accounts.

Analyst 207
Smartphone with chatbot interface on screen, conveying vulnerability.

Hackers Exploit Instagram AI Chatbot to Hijack User Accounts

Hackers recently tricked Instagram's AI chatbot into handing over account controls, highlighting a critical vulnerability in AI agent authorization - a problem that's proving tougher to crack than authentication. By falsifying user locations and manipulating the chatbot, attackers were able to change account email addresses and passwords.

Analyst 207
Smartphone displaying a login page on a neutral surface with a blurred office background.

Hackers Exploit Meta's AI Bot to Hijack Instagram Accounts

This weekend, hackers exploited a vulnerability in Meta's AI-powered customer support tool to hijack high-profile Instagram accounts, highlighting the platform's notoriously poor human support infrastructure. A simple sequence of steps, documented in a video circulated on Telegram, allowed attackers to add a new email address to an account and seize control.

Analyst 207
Person's hand holds smartphone in brightly-lit urban setting with subtle hint of unease.

Chinese Phishing Services Shift to Live Credential Interception Tactics

Cyber attackers are now using live administration panels to interact with victims in real-time, capturing one-time passcodes and instantly bypassing multifactor authentication protections. This new tactic allows them to neutralize security measures and steal sensitive information more effectively.

Analyst 207
Laptop on office desk with papers and supplies, subtle hint of phishing attempt nearby.

FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Accounts

Beware of Kali365, a sneaky phishing service that's hijacking Microsoft 365 accounts by exploiting a legitimate authentication flow - and it's happening fast, with the platform emerging as recently as April 2026. This clever trick uses a short code to trick victims into handing over control of their accounts.

Analyst 207
Modern office setting with laptop and smartphone on a tidy desk, hinting at a cyber threat.

FBI Warns of Kali365 Phishing Kit's OAuth Token Heist

The FBI has sounded the alarm on Kali365, a phishing-as-a-service platform that's making it easy for even novice hackers to steal Microsoft 365 login credentials and bypass security measures like multifactor authentication. This subscription-based service, mainly spread through Telegram, provides attackers with AI-generated phishing lures, campaign templates, and real-time tracking tools to target individuals and organizations.

Analyst 207
Typical office setting with laptop on desk, surrounded by papers and supplies.

FBI Warns of Kali365 Phishing Kit Targeting Microsoft 365 Users

The FBI is sounding the alarm on Kali365, a phishing kit that makes it easy for attackers to target Microsoft 365 users with AI-generated scams, automated templates, and real-time tracking. This powerful tool is lowering the bar for cybercriminals, allowing less tech-savvy attackers to launch sophisticated phishing campaigns.

Analyst 207
Brightly-lit network operations room with equipment racks and cables, laptop screen blurred in foreground.

Hackers Exploit SonicWall VPN Flaw to Bypass MFA

In a shocking exploit, hackers have successfully bypassed multi-factor authentication on SonicWall VPN devices, breaching security in as little as 30 minutes. ReliaQuest researchers detected the first in-the-wild exploitation of CVE-2024-12802, warning of a swift and stealthy threat.

Analyst 207
Person interacting with laptop and smartphone at a cluttered desk.

Device Security Must Complement Identity to Thwart Modern Threats

Authentication is no longer enough to guarantee security - even with multi-factor authentication in place, phishing kits can capture session tokens, allowing attackers to bypass security checks undetected. As a result, device security must step up to complement identity and prevent modern threats.

Analyst 207
Law enforcement officials in a secure facility render code-signing credentials invalid.

Microsoft Disrupts Cybercrime Service Selling Code-Signing Certificates to Ransomware Gangs

Microsoft has disrupted a notorious cybercrime operation, dubbed Fox Tempest, that sold code-signing certificates to ransomware gangs, allowing them to disguise malware as legitimate Windows software. The operation, which created over 580 fake Microsoft accounts, has been linked to two individuals, John Doe 1 and John Doe 2, who allegedly traded in real, Microsoft-issued code-signing credentials.

Analyst 207
Brightly lit computer workstation with Microsoft interface and cityscape background.

Microsoft Abuses Self-Service Password Reset in Azure Data Theft Attacks

Microsoft warns that hackers are using clever social engineering tactics and exploiting self-service password reset features to drain sensitive data from high-value Azure assets. By tricking users into approving multi-factor authentication prompts, attackers can gain access to production Microsoft 365 and Azure environments.

Analyst 207
Laptop on a table with blurred background, symbolizing vulnerability.

Microsoft Vulnerabilities Spike in Critical Areas

A single critical flaw, like CVE-2025-55241, can give attackers unrestricted access to any tenant, highlighting the alarming rise in critical Microsoft vulnerabilities, which doubled in 2025 despite a stable overall number of vulnerabilities. This sharp increase in high-impact weaknesses demands attention and action.

Analyst 207