When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Proofpoint reports phishing surge abusing Microsoft OAuth 2.0 device code flow Victims enter ...

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...

Just as we think we’re getting one step ahead of cybercriminals, they find a new way to evade our defenses. The latest method causing trouble for security teams is that of device code phishing, a ...

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...

Internet security watchdog Shadowserver has found over 25,000 Fortinet devices exposed online with FortiCloud SSO enabled, amid ongoing attacks targeting a critical authentication bypass vulnerability ...

Telegram has rolled out a new update, and this one feels less about adding flashy features and more about tightening up loose ends. The focus is pretty clear: make logins safer, reduce scams around ...

Adam Hayes, Ph.D., CFA, is a financial writer with 15+ years Wall Street experience as a derivatives trader. Besides his extensive derivative trading expertise, Adam is an expert in economics and ...

Dozens of organizations that use real-time content collaboration platforms appear to have lost not only credentials but also ...

Ahead of the January 1st, 2026, commencement date for the new tax reforms, Afri Invoice, Nigeria’s SaaS (Software as a Service) platform for digital invoicing, tax compliance, and payment tracking, is ...

An inherent principle of publication is that others should be able to replicate and build upon the authors' published claims. A condition of publication in a Nature Portfolio journal is that authors ...

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.