Update, Dec. 03, 2024: This story, originally published Dec. 02, now updated to reflect the 2FA-bypass security threat beyond Black Friday and Cyber Monday. The busiest period of online shopping, ...

QNAP warns of vulnerabilities in its NAS software products, including QTS, QuTS hero, QuTScloud, and myQNAPcloud, that could allow attackers to access devices. Hackers have started to exploit the ...

A critical vulnerability impacting the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow remote attackers to forge credentials and bypass ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Update, Dec. 25, 2024: This story, originally published Dec.

A critical authentication bypass vulnerability in Ivanti Virtual Traffic Manager (vTM) has now been exploited by threat actors in the wild, according to the US Cybersecurity and Infrastructure ...

Cybersecurity researchers at Sekoia ApS’ Threat Detection & Research team are warning of a new phishing kit linked to the adversary-in-the-middle technique that is being utilized by multiple threat ...

Organizations with self-hosted GitLab instances configured for SAML-based authentication might want to update immediately to new versions of the DevOps platform that the company released this week.

Ivanti has patched another major vulnerability, this time affecting its Virtual Traffic Manager (vTM). Ivanti vTM is an application delivery controller (ADC) within its vADC (Virtual Application ...

A new report out today from Barracuda Networks Inc. has detailed how phishing attacks grew more sophisticated and harder to detect in 2025 thanks to the rapid evolution of phishing-as-a-service kits ...

Computer scientists have discovered a method of attack that can successfully bypass voice authentication security systems with up to a 99% success rate after only six tries. Computer scientists at the ...