The Japanese manufacturer of intimate wellness products, Tenga, has issued a formal notification to its clientele regarding a security breach precipitated by unauthorized access to an employee’s professional electronic mail account. Through this compromised...
Fortinet has warned administrators that real-world attacks are once again exploiting the vulnerability FG-IR-19-283 (CVE-2020-12812), first disclosed in July 2020. Under certain FortiGate configurations, the flaw allows attackers to bypass two-factor authentication and log...
FortiGuard’s mid-year report for 2025 reveals that financially motivated attackers are increasingly eschewing complex exploits and bespoke malware. Rather than deploying heavy toolsets, they rely on legitimate accounts and authorized remote-access applications to slip...
Huntress has published a detailed account of an incident in which attackers, having exploited a vulnerable SonicWall VPN, gained access to the management console and nearly stripped the organization of its defensive capabilities by...
Cybercriminal groups have begun exploiting a new phishing service, VoidProxy, on a massive scale, enabling them to steal credentials, multi-factor authentication codes, and session tokens from Microsoft and Google accounts in real time. According...
Proton, a company renowned for its commitment to privacy and security, made an unfortunate misstep in its latest offering—Proton Authenticator, a two-factor authentication app. In the iOS version, users’ TOTP secrets—used to generate one-time...
Microsoft is preparing a significant update for users of its Authenticator app on iOS devices. Beginning in September, a new backup system will roll out, eliminating the need to sign in with a personal...
Microsoft has announced its intention to discontinue password support within the Authenticator app starting August 1, 2025. This move forms part of the company’s broader global initiative to shift away from traditional login methods...