Microsoft now enforces MFA on Azure Portal sign-ins for all tenants
Microsoft says it has been enforcing multifactor authentication (MFA) for Azure Portal sign-ins across all tenants since March 2025. The company’s Azure MFA enforcement efforts…
Category: Bleeping Computer
Don’t let outdated IGA hold back your security, compliance, and growth
If organizations want to have any chance of protecting their data from unauthorized access in 2025 and beyond, there is no way around Identity Governance…
Microsoft gives US students a free year of Microsoft 365 Personal
Microsoft announced that starting this Thursday, all college students in the United States can get a free year of Microsoft 365 Personal. For everyone else,…
EU fines Google $3.5 billion for anti-competitive ad practices
The European Commission has fined Google €2.95 billion ($3.5 billion) for abusing its dominance in the digital advertising technology market and favoring its adtech services…
Max severity Argo CD API flaw leaks repository credentials
An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve all repository credentials associated with the…
Financial services firm Wealthsimple discloses data breach
Wealthsimple, a leading Canadian online investment management service, has disclosed a data breach after attackers stole the personal data of an undisclosed number of customers…
Microsoft gives US students a free year of Microsoft 365 Personal
Microsoft announced that starting this Thursday, all college students in the United States can get a free year of Microsoft 365 Personal. For everyone else,…
Critical SAP S/4HANA vulnerability now exploited in attacks
A critical SAP S/4HANA code injection vulnerability is being leveraged in attacks in the wild to breach exposed servers, researchers warn. The flaw, tracked as CVE-2025-42957,…
Chess.com discloses recent data breach via file transfer app
Chess.com has disclosed a data breach after threat actors gained unauthorized access to a third-party file transfer application used by the platform. The incident occurred…
Hackers exploited Sitecore zero-day flaw to deploy backdoors
Threat actors have been exploiting a zero-day vulnerability in legacy Sitecore deployments to deploy WeepSteel reconnaissance malware. The flaw, tracked under CVE-2025-53690, is a ViewState…
Texas sues PowerSchool over breach exposing 62M students, 880k Texans
Texas Attorney General Ken Paxton has filed a lawsuit against education software company PowerSchool, which suffered a massive data breach in December that exposed the…
New TP-Link zero-day surfaces as CISA warns other flaws are exploited
TP-Link has confirmed the existence of an unpatched zero-day vulnerability impacting multiple router models, as CISA warns that other router flaws have been exploited in…