Microsoft Confirms SQL Zero-Day Security Vulnerability—Here’s The Fix

Microsoft has confirmed that a hacker who successfully exploits a zero-day SQL vulnerability could gain system administrator privileges. Here’s how to fix it.
The Hacker News

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.

Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys

Microsoft is rolling out passkey support for Microsoft Entra on Windows devices, adding phishing-resistant passwordless authentication via Windows Hello.

Bitwarden Brings Passkey Logins to Windows 11, Expanding Passwordless Sign-Ins

Bitwarden now supports passkey logins on Windows 11 for Microsoft Entra ID users, extending passwordless sign-ins to device ...

Bitwarden adds support for passkey login on Windows 11

Bitwarden announced support for logging into Windows 11 devices using passkeys stored in the manager's vault, enabling phishing-resistant authentication.
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...