Sixteen billion passwords may have been stolen. Here’s how to protect yourself
By Tara Deschamps A Lithuanian cybersecurity news outlet says…
Passwords
New Linux Vulnerabilities
They’re interesting:
Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools like Apport and systemd-coredump are designed to handle crash reporting and core dumps in Linux systems.
[…]
“This means that if a local attacker manages to induce a crash in a privileged process and quickly replaces it with another one with the same process ID that resides inside a mount and pid namespace, apport will attempt to forward the core dump (which might contain sensitive information belonging to the original, privileged process) into the namespace.”…
New Microsoft accounts will be “passwordless by default”
Microsoft is making new Microsoft accounts passwordless by default, the company has announced on Thursday, which marked this year’s World Password Day. “As part of [a recently simplified sign-in user experience], we’re changing the default …
People know password reuse is risky but keep doing it anyway
35% of Gen Z said they never or rarely update passwords after a data breach affecting one of their accounts, according to Bitwarden. Only 10% reported always updating compromised passwords. 38% of Gen Z and 31% of Millennials only change a single chara…
What’s worth automating in cyber hygiene, and what’s not
Cyber hygiene sounds simple. Patch your systems, remove old accounts, update your software. But for large organizations, this gets messy fast. Systems number in the thousands. Teams are scattered. Some machines haven’t been rebooted in months. Au…
Goodbye passwords? Enterprises ramping up passkey adoption
87% of companies have, or are in the midst of, rolling out passkeys with goals tied to improved user experience, enhanced security, and compliance, according to the FIDO Alliance. Key findings Enterprises understand the value of passkeys for workforce …
Is your email or password among the 240+ million compromised by infostealers?
For the second time since the start of 2025, a huge number of login credentials extracted from infostealer logs has been added to the database powering the HaveIBeenPwned (HIBP) site and breach notification service. In January 2025, HIBP’s creato…
Massive botnet hits Microsoft 365 accounts
A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying attacks against Microsoft 365 (M365) accounts. Security researchers at SecurityScorecard are examining possible connections to China-affiliated …
WEB-Wordlist-Generator – Creates Related Wordlists After Scanning Your Web Applications
WEB-Wordlist-Generator scans your web applications and creates related wordlists to take preliminary countermeasures against cyber attacks. Done [x] Scan Static Files. [ ] Scan Metadata Of Public Documents (pdf,doc,xls,ppt,docx,pptx,xlsx etc.) [ ] C…