bypass Archives - Security Pulse

Headlines

TeamViewer DEX Vulnerabilities Expose Enterprise Endpoint Risks
2 hours ago2 hours ago
Trust Wallet Chrome Extension Hack Exposes Browser Wallet Risk
2 hours ago2 hours ago
LangChain Core Vulnerability Highlights Risks in AI Frameworks
2 hours ago2 hours ago
China-Linked Actors Abuse DNS in Advanced Espionage Malware
2 hours ago2 hours ago
Parrot OS 7.0 Focuses on Reliable Penetration Testing Workflows
23 hours ago23 hours ago
Stealth Malware Loaders and AI-Assisted Attacks Reshape
23 hours ago23 hours ago

FreePBX authentication bypass attack chain illustrating unauthorized access and remote code execution risks

FreePBX Authentication Bypass Flaw Enables RCE, VoIP Platforms

yohanmanuja2 weeks ago2 weeks ago05 mins

Critical FreePBX authentication bypass flaw enables unauthorized access and remote code execution on affected PBX systems when misconfigured — patch immediately.

ClickFix phishing page coaching a user to paste a command that steals M365 access

ClickFix Lures Coach Users to Self-Infect and Bypass Filters

yohanmanuja2 months ago2 months ago24 mins

ClickFix campaigns scale by coaching users to “fix” access issues with copy-paste commands. After the click, actors steal Microsoft 365 tokens or credentials and, in some cases, drop PureRAT for persistence. Break the flow by enforcing admin-only app consent, requiring phishing-resistant MFA, and blocking browser-to-shell chains. Investigate mailbox rules, token reuse, and OAuth grants whenever ClickFix pages appear in referral logs.