The Hacker News

âš¡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.
The Hacker News

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.
PCMag

Wikipedia Forced to Lock Down Edits Over JavaScript That Could Delete Pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed to delete articles and place Russian text in the edit summary.

Bitwarden Brings Passkey Logins to Windows 11, Expanding Passwordless Sign-Ins

Bitwarden now supports passkey logins on Windows 11 for Microsoft Entra ID users, extending passwordless sign-ins to device ...
CSO Online

OAuth vulnerability in n8n automation platform could lead to system compromise

A weakness in the configuration of OAuth credentials opens up a stored XSS vulnerability in the n8n automation platform, ...
IEEE

A Comprehensive Survey on Authentication and Attack Detection Schemes That Threaten It in Vehicular Ad-Hoc Networks

Abstract: As Vehicular Ad-hoc Networks (VANETs) bring fantastic revolution to intelligent transportation systems, their own security has become an important research topic. However, authentication ...
IEEE

A Security-Enhanced Certificateless Conditional Privacy-Preserving Authentication Scheme for Vehicular Ad Hoc Networks

Abstract: By adopting advanced Internet of Things (IoT) technology to sense and collect traffic-related information to improve traffic safety and efficiency, the vehicular ad hoc network (VANET) is ...