#auth

Spanish Guardia Civil and Group-IB arrest 'GoogleXcoder,' the 25-year-old Brazilian mastermind of the GXC Team, for selling AI-powered phishing kits and malware used to steal millions from banks across the US, UK, Spain, and Brazil.

Android devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data without the users' knowledge pixel-by-pixel. The attack has been codenamed Pixnapping by a group of academics from the University of California (Berkeley), University of

Before an attacker ever sends a payload, they’ve already done the work of understanding how your environment is built. They look at your login flows, your JavaScript files, your error messages, your API documentation, your GitHub repos. These are all clues that help them understand how your systems behave. AI is significantly accelerating reconnaissance and enabling attackers to map your

Astaroth banking trojan has evolved to use GitHub and steganography for resilient C2, hiding its vital commands in images. Learn how this sophisticated malware employs fileless techniques to steal banking and crypto credentials from users across Latin America.

Cybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that leverage Discord as a command-and-control (C2) channel to transmit stolen data to actor-controlled webhooks. Webhooks on Discord are a way to post messages to channels in the platform without requiring a bot user or authentication, making them an attractive mechanism for attackers to

Improper input validation in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

**How could an attacker exploit this vulnerability?** A remote, unauthenticated attacker could send a crafted event that triggers unsafe object deserialization in a legacy serialization mechanism, resulting in remote code execution.

Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally.