BIT-JOOMLA-2025-25227 [20250402] - Joomla Core - MFA Authentication Bypass

Insufficient state checks lead to a vector that allows to bypass 2FA checks...

[20250402] - Core - MFA Authentication Bypass

Joomla! CMS versions: 4.0.0 - 4.4.12, 5.0.0 - 5.2.5...

LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults

LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it happened as a result of the same adversary launching a second attack on its systems. The company said one of its DevOps engineers had their personal home compute...

Design/Logic Flaw

mfa/FIDO2.py in django-mfa2 before 2.5.1 and 2.6.x before 2.6.1 allows a replay attack that could be used to register another device for a user. The device registration challenge is not invalidated after usage...

AWS Auditing & Hardening Tool: Zeus

Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access...