Mandiant Exposes Major Flaw In Outdated Windows Authentication

Mandiant, the Google-owned cybersecurity firm, has publicly released a comprehensive dataset of Net-NTLMv1 rainbow tables, ...

ShinyHunters claim to be behind SSO-account data theft attacks

The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) ...
Windows Report

Microsoft Starts New Kerberos Hardening Phase for Windows Domain Controllers

Microsoft rolls out new Kerberos protections to block RC4 encryption, with enforcement mode becoming mandatory for domain controllers in 2026.
Microsoft

Resurgence of a multi‑stage AiTM phishing and BEC campaign abusing SharePoint

Microsoft Defender Researchers uncovered a multi‑stage AiTM phishing and business email compromise (BEC) campaign targeting ...

Millions of people imperiled through sign-in links sent by SMS

Websites that authenticate users through links and codes sent in text messages are imperiling the privacy of millions of ...
Microsoft

From runtime risk to real‑time defense: Securing AI agents

Why securing AI agents at runtime is essential as attackers find new ways to exploit generative orchestration.
Bleeping Computer

Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass

Over 10,000 Fortinet firewalls are still exposed online and vulnerable to ongoing attacks exploiting a five-year-old critical two-factor authentication (2FA) bypass vulnerability. Fortinet released ...