Security News

Cybercriminals blend AI and social engineering to bypass detection
2025-04-21 05:00

Attackers are focusing more on stealing identities. Because of this, companies need to use zero trust principles. They should also verify user identities more carefully, says DirectDefense....

ASUS warns of critical auth bypass flaw in routers using AiCloud
2025-04-18 16:05

ASUS is warning about an authentication bypass vulnerability in routers with AiCloud enabled that could allow remote attackers to perform unauthorized execution of functions on the device. [...]

Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates
2025-04-17 15:22

The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting...

New Windows Task Scheduler Bugs Let Attackers Bypass UAC and Tamper with Logs
2025-04-16 16:18

Cybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that could be exploited by local attackers to achieve privilege...

41% of Attacks Bypass Defenses: Adversarial Exposure Validation Fixes That
2025-04-16 14:02

Your dashboards say you're secure—but 41% of threats still get through. Picus Security's Adversarial Exposure Validation uncovers what your stack is missing with continuous attack simulations and...

Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed
2025-04-13 08:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) April 2025 Patch Tuesday...

Hackers exploit WordPress plugin auth bypass hours after disclosure
2025-04-10 19:11

Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure. [...]

WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334)
2025-04-07 11:28

WinRAR users, upgrade your software as soon as possible: a vulnerability (CVE-2025-31334) that could allow attackers to bypass Windows’ Mark of the Web (MotW) security warning and execute...

Windows 11 Forces Microsoft Account Sign In & Removes Bypass Trick Option
2025-04-04 08:26

Microsoft is killing the Windows 11 bypass trick — soon, all setups will require internet and a Microsoft Account, leaving privacy-conscious users with fewer options.

New Windows 11 trick lets you bypass Microsoft Account requirement
2025-04-01 21:33

A previously unknown trick lets you easily bypass using a Microsoft Account in Windows 11, just as Microsoft tries to make it harder to use local accounts. [...]