2FA bypass Archives • Daily CyberSecurity

New “Pheno” Malware Hijacks Microsoft Phone Link to Steal SMS and OTPs NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

New “Pheno” Malware Hijacks Microsoft Phone Link to Steal SMS and OTPs

Ddos May 7, 2026

Security researchers at Cisco Talos have uncovered a sophisticated campaign that allows attackers to steal SMS messages...

Scotland Man Pleads Guilty in Massive $8 Million Crypto-Heist and Phishing Campaign Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Scotland Man Pleads Guilty in Massive $8 Million Crypto-Heist and Phishing Campaign

Ddos April 21, 2026

A 24-year-old Dundee man has admitted his role in a sophisticated international cybercrime ring that utilized SMS...

Triple Threat: Critical Gogs Flaws (CVSS 9.3) Allow RCE & 2FA Bypass Gogs Vulnerability CVE-2025-8110 CVE-2025-64111

Triple Threat: Critical Gogs Flaws (CVSS 9.3) Allow RCE & 2FA Bypass

Ddos February 10, 2026

A triple threat of security vulnerabilities has been uncovered in Gogs, the popular self-hosted Git service known...

GitLab Alert: High-Severity 2FA Bypass & DoS Flaws Patched in Urgent Update GitLab Security Update CVE-2026-0723 CVE-2023-7028 & CVE-2023-5356 GitLab vulnerability, DoS flaw

GitLab Security Update CVE-2026-0723 CVE-2023-7028 & CVE-2023-5356 GitLab vulnerability, DoS flaw

GitLab Alert: High-Severity 2FA Bypass & DoS Flaws Patched in Urgent Update

Ddos January 21, 2026

GitLab has released an urgent security update for its Community (CE) and Enterprise (EE) editions, patching a...

Hackers Revive 2020 FortiGate Flaw to Bypass 2FA Fortinet 2FA Bypass, Case-Sensitivity Exploit CVE-2023-25610 Fortinet SSO Bypass, FortiCloud SAML Flaw

Fortinet 2FA Bypass, Case-Sensitivity Exploit CVE-2023-25610 Fortinet SSO Bypass, FortiCloud SAML Flaw

Hackers Revive 2020 FortiGate Flaw to Bypass 2FA

Ddos December 25, 2025

Fortinet has issued a warning regarding the active exploitation of a three-year-old vulnerability that allows attackers to...

The GRU’s Silent Shift: How BlueDelta Hijacks Ukrainian Webmail Using ngrok and Mocky BlueDelta Espionage, UKR.NET Phishing

The GRU’s Silent Shift: How BlueDelta Hijacks Ukrainian Webmail Using ngrok and Mocky

Ddos December 22, 2025

A persistent cyber-espionage campaign targeting Ukrainian webmail users has evolved its tactics to evade detection, leveraging a...

Critical Cal.com Flaw (CVE-2025-66489, CVSS 9.9) Allows Authentication Bypass by Submitting Fake TOTP Codes Cal.com Vulnerability CVE-2026-23478 Cal.com Auth Bypass, TOTP Logic Flaw

Cal.com Vulnerability CVE-2026-23478 Cal.com Auth Bypass, TOTP Logic Flaw

Critical Cal.com Flaw (CVE-2025-66489, CVSS 9.9) Allows Authentication Bypass by Submitting Fake TOTP Codes

Ddos December 8, 2025

A severe security vulnerability has been uncovered in Cal.com, the popular open-source scheduling platform positioned as the...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

Quest Patches Critical KACE SMA Flaws, Including CVSS 10 Authentication Bypass

Ddos June 26, 2025

Quest Software has released urgent security hotfixes addressing four newly discovered vulnerabilities in its KACE Systems Management...

GitLab Patches High-Severity Flaws: DoS and 2FA Bypass Fixed GitLab Security Update CVE-2026-0723 CVE-2023-7028 & CVE-2023-5356 GitLab vulnerability, DoS flaw

GitLab Patches High-Severity Flaws: DoS and 2FA Bypass Fixed

Ddos May 22, 2025

GitLab announced the release of versions 18.0.1, 17.11.3, and 17.10.7 for both its Community Edition (CE) and...