‘SessionShark’ ToolKit Evades Microsoft Office 365 MFA
The creators of the toolkit are advertising it as an educational and ethical resource, but what it promises to provide…
The People Factor: Why Employees is the Biggest Challenge for Organisations
While technology can enhance efficiency and innovation, it is ultimately the people behind the machines who determine an organisation's success…
Passkeys Explained: The Future of Authentication and Secure Access
Passkeys are transforming digital authentication where users no longer need to rely on passwords to access their digital accounts
OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation
A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of…
Single Sign-On (SSO) in an AI-Driven World: A Strategic Insight
AI is redefining the concept of identity to include non-human actors. Single Sign-On must evolve to authenticate and authorize intelligent…
Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign
Exposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners. Cloud…
Preventing and Detecting Advanced Phishing Attacks: Evilginx and AiTM Proxies
Session hijacking via phishing is no longer theory— it’s reality. Let’s make sure it doesn’t become your reality.
Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access
Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors. “Creating…
OpenAI Operator Agent Used in Proof-of-Concept Phishing Attack
Researchers from Symantec showed how OpenAI’s Operator agent, currently in research preview, can be used to construct a basic phishing…
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security…
