Couverture de The Microsoft login page that phishing training can't save you from

The Microsoft login page that phishing training can't save you from

The Microsoft login page that phishing training can't save you from

Écouter gratuitement

Voir les détails
1. Attackers phishing Microsoft's device-code login flow — no CVE (flow abuse) — Securelist (Kaspersky) — https://securelist.com/microsoft-device-code-phishing-attack/120350/ 2. Unauthenticated PHP-FPM crash via TLS stream wrapper — CVE-2026-12184 — Cyber Security News — https://cybersecuritynews.com/multiple-php-vulnerabilities-dos/ 3. ModSecurity WAF input-inspection bypass bugs — CVE-2026-52761, CVE-2026-52747 — Cyber Security News — https://cybersecuritynews.com/modsecurity-vulnerabilities/ 4. Attackers abusing OpenAI's org-invite system — no CVE (feature abuse) — Cyber Security News (citing Push Security) — https://cybersecuritynews.com/hackers-use-openai-org-invites/ Also mentioned: - ClamAV patches seven scanner bugs (update to 1.5.3 / 1.4.5 LTS) — Help Net Security — https://www.helpnetsecurity.com/2026/07/06/clamav-security-patch-versions/ - Cisco Catalyst Center arbitrary file read (CVE-2026-20191) — Cisco PSIRT — https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-file-read-wLH2vf8X - Opera GX zero-click browser-mod / Gmail-address bug (update to 130.0.5847.89) — The Hacker News — https://thehackernews.com/2026/07/opera-gx-flaw-let-malicious-sites-auto.html - Gaslight North Korean-linked macOS malware — Cyber Security News — https://cybersecuritynews.com/gaslight-macos-malware-uses-prompt-injection/
adbl_web_anon_alc_button_suppression_t1
Aucun commentaire pour le moment