The MFA Bypass Nobody Saw: Attackers Walked Past Two-Factor on 14,000 Servers
A critical SimpleHelp flaw (CVE-2026-48558) let attackers bypass MFA on ~14,000 servers to steal credentials. What happened, who's affected, and how to limit the blast radius.
Read More →