GovInfoSecurity

Fortinet Locks Down FortiCloud SSO Amid Zero-Day Attacks

Network security giant Fortinet locked out cloud customers from its single sign-on service until they update device firmware ...

Microsoft Issues Emergency Patch for Active Office Zero-Day

Microsoft released an emergency Office patch to fix an actively exploited zero-day flaw that lets attackers bypass security ...
Cyber Daily

Hacked: US cyber agency adds 6 vulnerabilities to known-exploited listing

A Microsoft zero-day vulnerability has been added to the KEV catalogue alongside the SmarterTools SmarterMail authentication ...
Security Boulevard

Critical CERT-In Advisories – January 2026: SAP, Microsoft, and Atlassian Vulnerabilities

January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...
EdTech Magazine

Multifactor Authentication Keeps Cybercriminals Out of K–12 Networks

Recently, a survey by the Consortium for School Networking found that the share of K–12 districts using multifactor ...
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
InfoWorld

Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against Shai-Hulud

A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ...
Appuals

Fix: Minecraft Bedrock “Error Code: Drowned”

When Minecraft Bedrock (Minecraft for Windows) loads your Microsoft profile, it may show: “Failed to login: We could not sign ...

Custom-made 'vishing' kits are attacking SSO accounts across the world - Google, Microsoft and Okta under threat, here's what we know

Security researchers from Okta revealed they “detected and dissected” multiple custom phishing kits which are currently being ...
CPO Magazine

FBI Alert: North Korean Hackers Using Malicious QR Codes in Phishing Attacks

The FBI has warned about North Korean hackers Kimsuky leveraging QR codes in phishing attacks targeting U.S. and foreign government entities, academia, think tanks, and others.
CSO Online

GitLab 2FA login protection bypass lets attackers take over accounts

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched.