Pass-the-Cookie attacks bypass MFA, granting full account access
Pass-the-Cookie attacks let hackers bypass MFA using stolen browser cookies, putting corporate accounts at risk across Office 365, Azure, and more. MFA works by verifying users through multiple factors, but [...]
Cisco Nexus Vulnerability Allows Malicious Command Injection
Cisco has released a critical advisory for a command injection vulnerability (CVE-2025-20161) affecting its Nexus 3000 and 9000 Series switches running in standalone NX-OS mode. Cisco Nexus Vulnerability This flaw [...]
The SafetyCore app from Google scans photos on Android devices
Recent reports show Google’s SafetyCore service, which scans content on devices, has been quietly installed on Android 9 and newer devices since October 2024. SafetyCore app The app, named com.google.android.safetycore, [...]
WordPress Plugin Flaw Exposes Millions to Script Injection
A critical flaw in the Essential Addons for Elementor plugin, affecting over 2 million WordPress sites, exposes them to script injection attacks through malicious URL parameters. WordPress Plugin Flaw The [...]
GRUB2 Vulnerabilities Put Millions of Linux Devices at Risk
GRUB2 vulnerabilities expose millions of Linux devices to secure boot bypass and remote code execution. Discovered during a security audit, these flaws impact filesystem parsing, memory management, and network settings. [...]
Get Social