Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack

Published on July 19, 2025

A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals. [...]

Continue reading on website
Other news

Popular npm linter packages hijacked via phishing to drop malware

July 19, 2025
Popular JavaScript libraries eslint-config-prettier and eslint-plugin-prettier were hijacked this week and turned into malware droppers, in a supply chain attack achieved via targeted phishing and credential theft. [...]

Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers

July 20, 2025
A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the CVE identifier CVE-2025-54309, the vulnerability carries a CVSS score of 9.0."CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obtain admin access via HTTPS," according to