Chinese hackers maintain decade-long persistence by backdooring Linux PAM

A threat group known as Velvet Ant successfully maintained a presence within a large organization's isolated network for ten years by hijacking the authentication stack. The intrusion began in 2016 when the actors compromised internet-facing systems before pivoting into an air-gapped environment with no direct external connection. By establishing a remote execution path through chained Nginx and FastCGI modifications, the attackers bypassed traditional network segregation without requiring direct internet access.

Check Point VPN zero-day exploited by Qilin ransomware via legacy IKEv1

Check Point has released emergency hotfixes for a critical authentication bypass vulnerability affecting its VPN and firewall products. Tracked as CVE-2026-50751, the flaw stems from a logic error in how the legacy Internet Key Exchange version 1 (IKEv1) protocol validates certificates. This weakness allows unauthenticated attackers to establish remote access sessions and enter the network without providing a valid password.

Navigating the complexities of Microsoft 365 baseline security mode

Microsoft 365 has introduced Baseline Security Mode, an opt-in feature that bundles 18 secure-by-default configuration settings across authentication, files, and room devices. While this centralized approach simplifies security management, it can conflict with existing environments that rely on legacy authentication protocols or custom meeting room hardware. Administrators should view this mode as a migration target rather than a simple toggle, as enabling it without preparation can disrupt critical business workflows.
