The SessionShark phishing kit bypasses Office 365 MFA by stealing session tokens. Experts warn about real-time attacks using fake login pages and Telegram alerts. SlashNext security experts have found a new tool, “SessionShark,” used by cyber criminals to steal Microsoft Office 365 login information. It can bypass multi-factor authentication (MFA), …

In Q1 2025, VulnCheck identified evidence of 159 CVEs publicly disclosed for the first time as exploited in the wild. The disclosure of known exploited vulnerabilities was from 50 different sources. “We continue to see vulnerabilities being exploited at a fast pace with 28.3% of vulnerabilities being exploited within 1-day …

The NVIDIA NeMo Framework has three vulnerabilities that could enable attackers to execute remote code, risking AI system compromise and data tampering. The security flaws CVE-2025-23249, CVE-2025-23250, and CVE-2025-23251 have a CVSS base score of 7.6, indicating a significant risk to users of the popular generative AI framework. On April …