Bleeping Computer

Cisco warns of auth bypass bug with public exploit in EoL routers

Cisco warned customers today of a critical authentication bypass vulnerability with public exploit code affecting multiple end-of-life (EoL) VPN routers. It is caused by improper validation of user ...
Bleeping Computer

Latest Authentication Bypass news

Threat actors are targeting technology, manufacturing, and financial organizations in campaigns that combine device code phishing and voice phishing (vishing) to abuse the OAuth 2.0 Device ...
Threat Post

Netgear Authentication Bypass Allows Router Takeover

Microsoft researchers discovered the firmware flaws in the DGN-2200v1 series router that can enable authentication bypass to take over devices and access stored credentials. Netgear has patched three ...
Dark Reading

Fortra Discloses Critical Auth Bypass Vuln in GoAnywhere MFT

A proof-of-concept exploit is now available for a near maximum-severity flaw in Fortra's GoAnywhere Managed File Transfer (MFT) software that the company publicly disclosed on Jan. 23 after quietly ...
Hosted on MSN

Passwordstate users should patch this auth bypass vulnerability immediately, company says

Passwordstate's latest version patches an authentication bypass flaw It could be abused to access the Passwordstate Administration section without authentication There are workarounds, too ...
Infosecurity-magazine.com

Critical Ivanti Authentication Bypass Bug Exploited in Wild

A critical authentication bypass vulnerability in Ivanti Virtual Traffic Manager (vTM) has now been exploited by threat actors in the wild, according to the US Cybersecurity and Infrastructure ...
Dark Reading

GitLab Warns of Max Severity Authentication Bypass Bug

Organizations with self-hosted GitLab instances configured for SAML-based authentication might want to update immediately to new versions of the DevOps platform that the company released this week.