ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...

19 WordPress Alternatives: From Simple Builders To Enterprise CMS

Looking for WordPress alternatives that fit your stack? Compare builders, ecommerce platforms, headless CMS, and site ...
The Hacker News

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet on Wednesday said it observed "recent abuse" of a five-year-old security flaw in FortiOS SSL VPN in the wild under certain configurations. The vulnerability in question is CVE-2020-12812 ...
The Hacker News

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

A suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to steal victims' Microsoft 365 credentials and conduct account takeover ...