Critical phpBB Flaw Lets Attackers Hijack Any Account with One Request
Critical phpBB authentication bypass lets attackers hijack any account with one request
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Critical phpBB authentication bypass lets attackers hijack any account with one request
Critical nginx-ui MCP authentication bypass CVE-2026-33032 actively exploited with CVSS 9.8
The unpatched vulnerabilities, with a CVSS score of 8.6 to 10.0, can lead to remote code execution via authentication bypass
A critical authentication bypass flaw in CrushFTP is under active exploitation following a mishandled disclosure process
CISA adds critical Ivanti bug to its Known Exploited Vulnerabilities catalog
Two authentication bypass vulnerabilities affect Progress Software’s MOVEit Transfer SFTP service in a default configuration and MOVEit Gateway
Blackwing researchers bypass the authentication system
Threat actors evolve to multi-factor authentication
The attack bypassed both SPF and DMARC email authentication checks