The Hacker News

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.

Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys

Microsoft is rolling out passkey support for Microsoft Entra on Windows devices, adding phishing-resistant passwordless authentication via Windows Hello.

Microsoft investigates classic Outlook sync and connection issues

Microsoft is investigating several issues causing email synchronization and connection problems when using the classic Outlook desktop client.
Computer Weekly

Microsoft patches zero-days in .NET and SQL Server

Zero-days in .NET and SQL Server, and a handful of critical RCE bugs, form the nucleus of Microsoft's March Patch Tuesday update.
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...
Infosecurity-magazine.com

Infosecurity Magazine

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.