-
TP-Link warns users to patch critical router auth bypass flaw
TP-Link has patched several vulnerabilities in its Archer NX router series, including a critical-severity flaw that may allow attackers to bypass authentication and upload new firmware.
- March 25, 2026
- 07:11 AM
4
-
Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys
Microsoft is rolling out passkey support for Microsoft Entra on Windows devices, adding phishing-resistant passwordless authentication via Windows Hello.
- March 10, 2026
- 11:27 AM
1
-
State of Browser Attacks: Learn from John Hammond, Troy Hunt & Matt Johansen
Join Push Security's free three-part webinar series where top security researchers break down the browser-based attacks driving today's biggest breaches - from AiTM phishing and ConsentFix to compromised credentials and session hijacking.
-
Bitwarden adds support for passkey login on Windows 11
Bitwarden announced support for logging into Windows 11 devices using passkeys stored in the manager's vault, enabling phishing-resistant authentication.
- March 04, 2026
- 05:34 PM
- 2
-
Microsoft to disable NTLM by default in future Windows releases
Microsoft announced that it will disable the 30-year-old NTLM authentication protocol by default in upcoming Windows releases due to security vulnerabilities that expose organizations to cyberattacks.
- January 30, 2026
- 12:08 PM
- 3
-
Google rolls out Android theft protection feature updates
Google has introduced stronger Android authentication safeguards and enhanced recovery tools to make smartphones more challenging targets for thieves.
- January 29, 2026
- 06:56 AM
- 1
-
IBM warns of critical API Connect auth bypass vulnerability
IBM urged customers to patch a critical authentication bypass vulnerability in its API Connect enterprise platform that could allow attackers to access apps remotely.
- December 31, 2025
- 05:34 AM
- 0
-
Fortinet warns of critical FortiCloud SSO login auth bypass flaws
Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO authentication.
- December 09, 2025
- 01:36 PM
- 0
-
New wave of VPN login attempts targets Palo Alto GlobalProtect portals
A campaign has been observed targeting Palo Alto GlobalProtect portals with login attempts and launching scanning activity against SonicWall SonicOS API endpoints.
- December 06, 2025
- 10:18 AM
- 0
-
Microsoft to secure Entra ID sign-ins from script injection attacks
Starting in mid-to-late October 2026, Microsoft will enhance the security of the Entra ID authentication system against external script injection attacks.
- November 26, 2025
- 08:26 AM
- 0
-
ASUS warns of new critical auth bypass flaw in AiCloud routers
ASUS has released new firmware to patch nine security vulnerabilities, including a critical authentication bypass flaw in routers with AiCloud enabled.
- November 26, 2025
- 06:41 AM
- 0
-
HP pulls update that broke Microsoft Entra ID auth on some AI PCs
HP has pulled an HP OneAgent software update for Windows 11 that mistakenly deleted Microsoft certificates required for some organizations to log in to Microsoft Entra ID, effectively disconnecting them from their company's cloud environments.
- October 23, 2025
- 05:50 PM
- 2
-
Microsoft: Recent Windows updates cause login issues on some PCs
Microsoft has confirmed that Windows updates released since August 29, 2025, are breaking authentication on systems sharing Security Identifiers.
- October 21, 2025
- 12:56 PM
- 3
-
Microsoft warns of Windows smart card auth issues after October updates
Microsoft says the October 2025 Windows security updates are causing smart card authentication and certificate issues due to a change designed to strengthen the Windows Cryptographic Services.
- October 20, 2025
- 10:21 AM
- 1
-
New bug in classic Outlook can only be fixed via Microsoft support
Microsoft is investigating a known issue that causes the classic Outlook email client to crash upon launch, which can only be resolved via Exchange Online support.
- October 01, 2025
- 02:43 PM
- 6
-
Google shares workarounds for auth failures on ChromeOS devices
Google is working to resolve authentication failures preventing users from signing into their Clever and ClassLink accounts on some ChromeOS devices.
- August 28, 2025
- 02:30 PM
- 2
-
Passwordstate dev urges users to patch auth bypass vulnerability
Click Studios, the company behind the Passwordstate enterprise-grade password manager, has warned customers to patch a high-severity authentication bypass vulnerability as soon as possible.
- August 28, 2025
- 12:16 PM
- 0
-
Okta open-sources catalog of Auth0 rules for threat detection
Okta has open-sourced ready-made Sigma-based queries for Auth0 customers to detect account takeovers, misconfigurations, and suspicious behavior in event logs.
- August 19, 2025
- 02:17 PM
- 0
-
Cisco warns of max severity flaw in Firewall Management Center
Cisco is warning about a critical remote code execution (RCE) vulnerability in the RADIUS subsystem of its Secure Firewall Management Center (FMC) software.
- August 15, 2025
- 09:57 AM
- 0
-
Citrix warns of login issues after NetScaler auth bypass patch
Citrix warns that patching recently disclosed vulnerabilities that can be exploited to bypass authentication and launch denial-of-service attacks may also break login pages on NetScaler ADC and Gateway appliances.
- July 02, 2025
- 12:19 PM
- 1
-
Microsoft 365 to block file access via legacy auth protocols by default
Microsoft has announced that it will soon update security defaults for all Microsoft 365 tenants to block access to SharePoint, OneDrive, and Office files via legacy authentication protocols.
- June 18, 2025
- 11:14 AM
- 0
1
