IBM urged customers to patch a critical authentication bypass vulnerability in its API Connect enterprise platform that could ...

Fortinet reports active attacks exploiting CVE-2020-12812, a FortiOS SSL VPN flaw that can bypass two-factor authentication in specific LDAP setups.

QNAP warns of vulnerabilities in its NAS software products, including QTS, QuTS hero, QuTScloud, and myQNAPcloud, that could allow attackers to access devices. Hackers have started to exploit the ...

A new report out today from Barracuda Networks Inc. has detailed how phishing attacks grew more sophisticated and harder to detect in 2025 thanks to the rapid evolution of phishing-as-a-service kits ...

Okta has addressed an authentication bypass bug that affects those with long usernames or employers with wordy domain names. The security hole could have allowed cybercriminals to pass Okta AD/LDAP ...

IBM disclosed a critical CVSS 9.8 authentication bypass in IBM API Connect that could allow remote access; patches are now ...

A mere three days after disclosure, cyberattackers are hijacking home routers from 20 vendors & ISPs to add them to a Mirai-variant botnet used for carrying out DDoS attacks. An authentication-bypass ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Update, Dec. 25, 2024: This story, originally published Dec.

Companies relying on Microsoft BitLocker to encrypt the drives of their employees’ computers should install the latest Windows patches immediately. A researcher disclosed a trivial Windows ...

OpenBSD has patched four vulnerabilities including privilege escalation flaws and a remotely exploitable authentication bypass. OpenBSD is an open source Unix operating system based on Berkeley ...