Microsoft is shifting new account signups away from passwords and toward passkeys. It’s part of a broader industry effort, with companies like Google and Apple also pushing for a future where stolen credentials are no longer a threat. This move sounds like progress, but there’s more going on beneath the surface.
Going forward, anyone creating a new Microsoft account will be guided to set up a passkey. Existing users will also see prompts asking them to make the switch. The goal is simple: reduce the security risks and user frustration tied to traditional passwords. Most people reuse weak logins. That leads to leaks, breaches, and a lot of expensive damage.
Apple just pushed out emergency updates across iOS, macOS, and other platforms to squash two zero-day bugs that were actively being exploited. But before you panic: unless you’re someone Apple might actually send a holiday card to, you’re probably not the target. Their official language? These vulnerabilities were used against “specific targeted individuals.” Translation: celebrities, high-ranking officials, or people who pay someone else to clean their AirPods.
So… turns out one of the leading enterprise security products forgot the “security” part. More than 16,000 Fortinet devices exposed to the internet have been found carrying a persistent symlink backdoor—one that grants read-only access to sensitive files.