A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...

Donald Trump’s decision to allow Nvidia Corp. to sell advanced chips to China marks more than just a shift in US tech policy. It also raises questions about how far he’ll go to steady ties with Xi ...

Years ago, politicians proposed putting stocks into Social Security. These days, the trendy advice is to put your Social Security into stocks. On TikTok and YouTube, dozens of financial advisers and ...

Token theft is a leading cause of SaaS breaches. Discover why OAuth and API tokens are often overlooked and how security teams can strengthen token hygiene to prevent attacks. Most companies in 2025 ...

A data breach of the Tea app recently exposed users' selfies, IDs, and private messages. The breach shows the risk of giving out your sensitive information to new apps. Cybersecurity experts say ...

Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to get into Microsoft 365 accounts. Threat actors have cooked up a clever way ...

Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part ...

Ingram Micro, the global IT and cybersecurity distributor, was the target of a July 2025 ransomware attack that disrupted operations across more than 50 countries. In just three weeks, Ingram Micro, ...

President Trump secured a historic agreement for NATO members to raise defense spending to 5% of GDP – a foreign policy feat long thought impossible. Under President Trump’s strong and decisive ...

Community driven content discussing all aspects of software development from DevOps to design patterns. Fundamentally, these two file formats provide the exact same functionality. Any property that ...

A trio of ongoing campaigns have highlighted once again the continued popularity among cybercriminals of malicious OAuth apps as a go-to attack method. In one wave of recent attacks, threat actors ...