Microsoft: Security keys may prompt for PIN after recent updates

Microsoft warned users on Tuesday that FIDO2 security keys may prompt them to enter a PIN when signing in after installing ...

Microsoft to secure Entra ID sign-ins from script injection attacks

Starting in mid-to-late October 2026, Microsoft will enhance the security of the Entra ID authentication system against ...

ASUS warns of new critical auth bypass flaw in AiCloud routers

ASUS has released new firmware to patch nine security vulnerabilities, including a critical authentication bypass flaw in ...

Passwork 7: Self-hosted password and secrets manager for enterprise teams

Passwork 7 unifies enterprise password and secrets management in a self-hosted platform. Organizations can automate credential workflows and test the full system with a free trial and up to 50% Black ...

OnSolve CodeRED cyberattack disrupts emergency alert systems nationwide

Risk management company Crisis24 has confirmed its OnSolve CodeRED platform suffered a cyberattack that disrupted emergency ...

The Black Friday 2025 Cybersecurity, IT, VPN, & Antivirus Deals

Black Friday 2025 is almost here, and early deals are already live across security software, online courses, system ...

FBI: Cybercriminals stole $262M by impersonating bank support teams

The FBI warns of a surge in account takeover (ATO) fraud schemes and says that cybercriminals impersonating various financial ...

Microsoft: Exchange Online outage blocks access to Outlook mailboxes

Microsoft is investigating an Exchange Online service outage that is preventing customers from accessing their mailboxes using the classic Outlook desktop client.

Microsoft is speeding up the Teams desktop client for Windows

Microsoft says it will add a new Teams call handler beginning in January 2026 to reduce launch times and boost call ...

Code beautifiers expose credentials from banks, govt, tech orgs

Thousands of credentials, authentication keys, and configuration data impacting organizations in sensitive sectors have been ...

ClickFix attack uses fake Windows Update screen to push malware

New ClickFix attack variants have been observed where threat actors trick users with a realistic-looking Windows Update animation in a full-screen browser page and hide the malicious code inside ...

Malicious Blender model files deliver StealC infostealing malware

A Russian-linked campaign delivers the StealC V2 information stealer malware through malicious Blender files uploaded to 3D ...