latesthackingnews.com

Palo Alto’s GlobalProtect Authentication Bypass Was Exploited Four Days After Disclosure

CVE-2026-0257's GlobalProtect authentication bypass went from advisory to active exploitation in four days. The recurring ...
Bleeping Computer

Critical SAP flaw allows remote attackers to bypass authentication

SAP has released its security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass that could allow remote attackers to fully compromise the system.
Infosecurity-magazine.com

Three Plead Guilty to Running MFA Bypass Site

Three men have pleaded guilty to running a website which helped cybercriminals hijack victims’ bank accounts, even though they were protected with multi-factor authentication (MFA). OTP Agency was run ...
Bleeping Computer

Ivanti warns of critical vTM auth bypass with public exploit

Today, Ivanti urged customers to patch a critical authentication bypass vulnerability impacting Virtual Traffic Manager (vTM) appliances that can let attackers create rogue administrator accounts.