The Hacker News

China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware

China-aligned Ink Dragon targets government and telecom networks using ShadowPad and FINALDRAFT malware across Europe, Asia, ...
CSO Online

Hidden .NET HTTP proxy behavior can open RCE flaws in apps — a security issue Microsoft won’t fix

Researcher warns that many .NET applications might be vulnerable to arbitrary file writes because .NET’s HTTP client proxy ...
InfoQ

ASP.NET Core in .NET 10: Major Updates across Blazor, APIs, and OpenAPI

Microsoft has detailed the major updates to ASP.NET Core arriving as part of last month's .NET 10 release. As reported, this ...

Biometric Authentication, Passkeys And AI-Driven Threat Detection: The Next Evolution Of Enterprise Identity

As leaders begin implementing biometrics, passkeys and AI threat detection, there are several core design principles they should consider.
SecurityWeek

Fortinet Patches Critical Authentication Bypass Vulnerabilities

Fortinet patched two critical flaws in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager leading to authentication bypass ...
SecurityWeek

Equixly Raises $11 Million for AI-Powered API Penetration Testing

Equixly has raised $11.6 million in Series A funding to build proprietary AI hacking models, expand its team, and scale global presence.
Redmondmag.com

Microsoft Locks Down Entra ID Authentication with Script Injection Blocking

Microsoft is tightening security around its Entra ID sign-in process by blocking external script injection, a move that could force some orgs to rethink their browser extension strategies.