Threat Post

Yet Another Bypass: Is 2FA Broken? Authentication Experts Weigh In

A penetration testing tool called Modlishka can defeat two-factor authentication in the latest 2FA security issue. We asked a roundtable of experts what it all means. A penetration testing tool ...

GitHub is finally tightening up security around npm following multiple attacks

Furthermore, GitHub announced it would deprecate legacy classic tokens, as well as time-based one-time password (TOTP) 2FA, ...
Computer Weekly

2FA bypass tool highlights top business security vulnerabilities

A security researcher has released a proof-of-concept tool that bypasses two-factor authentication (2FA) used by Gmail and other services to highlight the most easily exploited weaknesses in ...
SecurityWeek

GitHub Boosting Security in Response to NPM Supply Chain Attacks

In the light of recent supply chain attacks targeting the NPM ecosystem, GitHub will implement tighter authentication and ...
Bleeping Computer

GitHub announces enhanced 2FA experience for npm accounts

Today, GitHub has launched a new public beta to notably improve the two-factor authentication (2FA) experience for all npm user accounts. Myles Borins, Open Source Product Manager at GitHub, said that ...
Bleeping Computer

GitHub makes 2FA mandatory next week for active developers

GitHub will start requiring active developers to enable two-factor authentication (2FA) on their accounts beginning next week, on March 13. Once expanded to the ...