Single Sign-On
Mandiant details how ShinyHunters abuse SSO to steal cloud data
Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) credentials and multi-factor authentication (MFA) codes. As first reported by GeekFeed, threat actors are impersonating corporate IT and helpdesk staff and calling employees directly, claiming that MFA settings […]
Fortinet confirms critical FortiCloud auth bypass not fully patched
Days after admins began reporting that their fully patched firewalls are being hacked, Fortinet confirmed it’s working to fully address a critical FortiCloud SSO authentication bypass vulnerability that should have already been patched since early December. This comes after a wave of reports from Fortinet customers about threat actors exploiting a patch bypass for the CVE-2025-59718 vulnerability to […]
Okta SSO accounts targeted in vishing-based data theft attacks
Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks. GeekFeed has learned that these kits are being used in active attacks to steal Okta SSO credentials for data theft. In a new report released today by Okta, researchers explain that the phishing kits are sold as part of an […]
Hackers breach Fortinet FortiGate devices, steal firewall configs
Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall configuration data, according to cybersecurity company Arctic Wolf. The campaign started last week, on January 15, with the attackers exploiting an unknown vulnerability in the devices’ single sign-on (SSO) feature to create accounts with VPN access and exporting firewall configurations […]