Cybercriminals are leveraging LastPass's after-death account handover procedures to trick users into revealing their login credentials. The campaign, linked to the CryptoChameleon group, involves sending fake emails about legacy access requests that redirect victims to phishing sites.

Forescout Technologies has identified two critical vulnerabilities in TP-Link Omada and Festa VPN routers that could expose industrial systems to significant risks. The vulnerabilities, CVE-2025-7850 and CVE-2025-7851, allow for OS command injection and unauthorized root access, respectively.