authentication
129 articles with this tag
CRITICAL: Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
MEDIUM: Vulnerability in Apereo CAS (28 May 2026)
INFO: Defense by accumulation
MEDIUM: USN-8315-1: MediaWiki vulnerabilities
MEDIUM: USN-8320-1: Memcached vulnerabilities
HIGH: From Cookies to Keys: The Threat of Session Hijacking
HIGH: ABB Ability™ Zenon Remote Transport Vulnerability
HIGH: MFA Prompt Bombing: Why Your Second Factor Isn't Saving You
INFO: What Is Single Sign-On? The Practical Guide | Huntress
HIGH: CVE-2026-34472: Pre-auth credential exposure and auth bypass in ZTE H188A V6 routers
MEDIUM: CVE-2026-7168 cross-proxy Digest auth state leak
INFO: Earbud sensors can authenticate users by their heartbeat, study finds
CRITICAL: [NEW] [high] Microsoft Authenticator: Vulnerability allows information disclosure
MEDIUM: CVE-2026-42010 Gnutls: gnutls: authentication bypass via nul character in username
CRITICAL: CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
CRITICAL: Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
CRITICAL: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
MEDIUM: Siemens Opcenter RDnL
MEDIUM: Siemens SIPROTEC 5
HIGH: [UPDATE] [medium] PAM: Vulnerability allows privilege escalation
HIGH: Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise
MEDIUM: MyAudi app: Security issues in Audi Connected Vehicle experience
MEDIUM: CVE-2026-42256 net-imap: Denial of service via high iteration count for `SCRAM-*` authentication
INFO: CVE-2026-40379 Microsoft Enterprise Security Token Service (ESTS) Spoofing Vulnerability
INFO: World Passkey Day: Advancing passwordless authentication
HIGH: Critical Buffer Overflow in Palo Alto Networks PAN-OS User-ID Authentication Portal (CVE-2026-0300)
CRITICAL: Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack
MEDIUM: Proton Pass: Second-Password Bypass Through Emergency Access
CRITICAL: Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass
CRITICAL: Critical MOVEit Automation auth bypass vulnerability fixed (CVE-2026-4670)
CRITICAL: Progress warns of critical MOVEit Automation auth bypass flaw
CRITICAL: Critical cPanel vulnerability actively exploited in the wild
CRITICAL: ABB Edgenius Management Portal
HIGH: ABB Ability OPTIMAX
INFO: FIDO Alliance wants to keep AI agents from going rogue on online payments
INFO: The Race Is on to Keep AI Agents From Running Wild With Your Credit Cards
INFO: Stopping AiTM attacks: The defenses that actually work after authentication succeeds
INFO: What Is Multi-Factor Authentication (MFA)? | How MFA Secures Businesses | Huntress
MEDIUM: USN-8212-1: authd vulnerability
INFO: Users advised to drop passwords and make room for passkeys
INFO: Microsoft to roll out Entra passkeys on Windows in late April
LOW: UK's NCSC endorses passkeys over traditional passwords
INFO: OAuth 2.0 BCP §4.14 reuse detection in practice — race vs theft disambiguation
LOW: Offer customers passkeys by default, UK’s NCSC tells enterprises
INFO: UK’s NCSC calls passkeys the default, says passwords are no longer fit for the purpose
INFO: NCSC Backs Passkeys, Hailing a New Era of Sign-in
INFO: Pass the key, passwords have passed their sell-by date
INFO: Strengthening authentication with passkeys: A CISO playbook
HIGH: Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse
INFO: Prove Identity Platform connects verification, authentication, and fraud prevention
MEDIUM: Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse
HIGH: Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse
HIGH: Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse
MEDIUM: Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse
MEDIUM: Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse
MEDIUM: Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse
HIGH: CVE-2026-33810 Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x509
CRITICAL: CVE-2026-33032: Nginx UI Missing MCP Authentication
MEDIUM: From Bazooka to Fake Nikes
CRITICAL: Cisco says critical Webex Services flaw requires customer action
INFO: Product showcase: Ente Auth encrypts, backs up, and syncs 2FA
INFO: Wi-Fi roaming security practices for access network providers and identity providers
MEDIUM: [NEW] [low] MongoDB C Driver: Vulnerability allows bypassing security measures
LOW: To counter cookie theft, Chrome ships device-bound session credentials
MEDIUM: Google Rolls Out Cookie Theft Protections in Chrome
INFO: Authentication is broken: Here’s how security leaders can actually fix it
INFO: Proof-of-Personhood Without Biometrics: The IRLid Protocol
INFO: Picking Up 'Skull Vibrations'? Could Be XR Headset Authentication
CRITICAL: Critical Cisco IMC auth bypass gives attackers Admin access
INFO: Your customer passed authentication. So why are they sending money to a scammer?
HIGH: PSA: That 'Disable NTLMv1' GPO you set years ago? It’s lying to you. LmCompatibilityLevel set to 5 is not enough.
HIGH: Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability
INFO: 6 key trends reshaping the IAM market
HIGH: OpenSIPS SQL Injection to Authentication Bypass (CVE-2026-25554)
HIGH: Your MFA isn’t broken — it’s being bypassed, and your employees can’t tell the difference
INFO: ACP — Cryptographic admission control for autonomous agent actions (Ed25519, anti-replay, delegation chains)
CRITICAL: Critical HPE AOS-CX Vulnerability Allows Admin Password Resets
INFO: Passwords, MFA, and why neither is enough
MEDIUM: [NEW] [medium] Microsoft Authenticator App: Vulnerability allows information disclosure
HIGH: MFA Bypass in GUI
INFO: Autonomous agent traffic as an emerging attack surface
CRITICAL: Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
CRITICAL: Where Multi-Factor Authentication Stops and Credential Abuse Starts
CRITICAL: we at codeant found a bug in pac4j-jwt (auth bypass)
INFO: Bitwarden adds support for passkey login on Windows 11
HIGH: Cisco Secure Firewall Management Center Software Authentication Bypass Vulnerability
CRITICAL: Copeland XWEB and XWEB Pro
HIGH: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
HIGH: Your AD password complexity policies are security theater — one RPC call bypasses all of them (PoC scripts + defense included)
INFO: 10 passwordless options for enterprises
HIGH: Six flaws found hiding in OpenClaw’s plumbing
HIGH: [UPDATE] [high] Red Hat Enterprise Linux (Advanced Cluster Management): Multiple vulnerabilities
HIGH: Researchers Reveal Six New OpenClaw Vulnerabilities
INFO: Redpanda brings identity, policy control, and data governance to AI agents
CRITICAL: Critical infra Honeywell CCTVs vulnerable to auth bypass flaw
MEDIUM: Kraken Darknet Access via Clearnet Gateways – some observations
HIGH: Almost Impossible: Java Deserialization Through Broken Crypto in OpenText Directory Services
INFO: Passwords to passkeys: Staying ISO 27001 compliant in a passwordless era
HIGH: Gogs Vulnerabilities Enable Code Execution and Access Abuse - Advisories
HIGH: CVE-2026-25537 Impact, Exploitability, and Mitigation Steps | Wiz