Bleeping Computer

Hackers exploit FortiClient EMS flaw to push infostealer malware

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. The attacker ...

Hackers Tricked Meta AI Into Handing Out Access to Major Instagram Accounts

The core of the attack centered on Meta’s recently expanded AI support chatbot, which the company positioned as a faster way ...

FBI sounds alarm on phishing tool that steals Microsoft 365 accounts without passwords

The FBI is warning that a new hacking platform is allowing cybercriminals to hijack Microsoft 365 accounts — including ...

Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks

Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks.
SecurityWeek

The Credential Crisis: How Stolen Credentials Defeat Modern Security

Stolen credentials and AI-driven attacks are allowing cybercriminals to bypass traditional security defenses and operate as ...