VMware has addressed multiple high-severity security flaws in vCenter Server, which can let attackers gain code execution and bypass authentication on unpatched systems. Automattic, the company behind ...

Passwordstate's latest version patches an authentication bypass flaw It could be abused to access the Passwordstate Administration section without authentication There are workarounds, too ...

Microsoft researchers discovered the firmware flaws in the DGN-2200v1 series router that can enable authentication bypass to take over devices and access stored credentials. Netgear has patched three ...

A proof-of-concept exploit is now available for a near maximum-severity flaw in Fortra's GoAnywhere Managed File Transfer (MFT) software that the company publicly disclosed on Jan. 23 after quietly ...

Attackers are actively exploiting an authentication bypass flaw found in the Palo Alto Networks PAN-OS software that lets an unauthenticated attacker bypass authentication of that interface and invoke ...

PayPal was one of the first large online services providers to offer two-factor authentication to its users, but until recently the company’s implementation had a loophole that could have allowed ...

Threat actors are actively exploiting a critical vulnerability in the Service Finder WordPress theme that allows them to bypass authentication and log in as administrators. Attackers are doubling down ...