Search: tooling updates

Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing

…The researchers have found that the kit’s blocklist currently contains 230 vendor names and is constantly updated. eSentire recommends disabling the OAuth device code flow when not needed, restricting OAuth consent…

May 17, 2026 · Bill Toulas

Microsoft testing adjustable taskbar, Start menu in Windows 11

…Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats…

May 18, 2026 · Sergiu Gatlan

Avada Builder WordPress plugin flaws allow site credential theft

…are advised to update to Avada Builder version 3.15.3 as soon as possible. The Validation Gap: Automated Pentesting Answers One Question. You Need Six. Automated pentesting tools deliver real value…

May 15, 2026 · Bill Toulas

SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA

SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA By Sergiu Gatlan May 12, 2026 07:04 AM SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple…

May 12, 2026 · Sergiu Gatlan

KongTuke hackers now use Microsoft Teams for corporate breaches

…A more resilient C2 architecture with a five-server pool, automatic failover, randomized URL paths, and self-update capability. Multiple independent access paths, including a primary RAT, a reverse shell, and a…

May 14, 2026 · Bill Toulas

TeamPCP hackers advertise Mistral AI code repos for sale

…software may fail to launch and stop receiving updates. The Validation Gap: Automated Pentesting Answers One Question. You Need Six. Automated pentesting tools deliver real value, but they were built to answer…

May 14, 2026 · Ionut Ilascu

Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks

…Cisco has released security updates to address the vulnerability and says there are no workarounds that fully mitigate the issue. The company also recommends restricting access to SD-WAN management and control…

May 14, 2026 · Lawrence Abrams

Dutch govt disrupts malware botnet with 17 million infected devices

…latest firmware update has been applied, and remote administration panels are disabled when not needed. The Validation Gap: Automated Pentesting Answers One Question. You Need Six. Automated pentesting tools deliver real value…

May 29, 2026 · Bill Toulas

Funnel Builder WordPress plugin bug exploited to steal credit cards