Identity

How OAuth consent bypasses MFA

In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, more than 340 Microsoft 365 organizations in five countries were compromised. Platform targets received a message asking them to enter a short code at…

Identity

Drupal releases emergency core security update on May 20th, sites are told to prepare

Identity

Vulnerability in SEPPMail Secure E-Mail Gateway allows RCE and email traffic access

Identity

Nx Console 18.95.0 compromised and VS Code developers targeted by Credential Stealer

Identity

Popular GitHub action tag redirects to fraudsters stealing CI/CD credentials

Identity

Mini Shai-Hulud pushes malicious AntV npm packages via compromised maintainer account

Identity

Interpol’s Operation Ramz disrupts MENA cybercrime network, arrests 201 people

Identity

Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More

Orchid Security brings continuous identity observability to enterprise applications

By February 4, 20260

hacker newsFebruary 4, 2026Identity Security/Security Operations An innovative approach to discovering, analyzing, and managing identity…

How early decisions shape incident response investigations

By February 4, 20260

Many incident response failures are not due to a lack of tools, intelligence, or technical…

Microsoft warns that Python Infostears is targeting macOS via fake ads and installers

By February 4, 20260

Ravi LakshmananFebruary 4, 2026Malvertising/information thieves Microsoft warned that information theft attacks are “rapidly expanding” beyond…

Eclipse Foundation requires pre-publication security checks for open VSX extensions

By February 4, 20260

Ravi LakshmananFebruary 4, 2026Supply chain security/secure coding The Eclipse Foundation, which manages the Open VSX…

CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

By February 4, 20260

Ravi LakshmananFebruary 4, 2026Software security/vulnerabilities The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday…

Docker fixes critical Ask Gordon AI flaw that allows code execution via image metadata

By February 3, 20260

Ravi LakshmananFebruary 3, 2026Artificial intelligence/vulnerabilities Cybersecurity researchers have detailed a patched security flaw affecting Ask…

What's Hot

How OAuth consent bypasses MFA

Drupal releases emergency core security update on May 20th, sites are told to prepare

EQT selected to lead €5 billion Scale-Up Europe Fund

Identity

How OAuth consent bypasses MFA

Drupal releases emergency core security update on May 20th, sites are told to prepare

Vulnerability in SEPPMail Secure E-Mail Gateway allows RCE and email traffic access

Nx Console 18.95.0 compromised and VS Code developers targeted by Credential Stealer

Popular GitHub action tag redirects to fraudsters stealing CI/CD credentials

Mini Shai-Hulud pushes malicious AntV npm packages via compromised maintainer account

Interpol’s Operation Ramz disrupts MENA cybercrime network, arrests 201 people

Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More

Orchid Security brings continuous identity observability to enterprise applications

How early decisions shape incident response investigations

Microsoft warns that Python Infostears is targeting macOS via fake ads and installers

Eclipse Foundation requires pre-publication security checks for open VSX extensions

CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

Docker fixes critical Ask Gordon AI flaw that allows code execution via image metadata

Latest Posts

How OAuth consent bypasses MFA

Drupal releases emergency core security update on May 20th, sites are told to prepare

EQT selected to lead €5 billion Scale-Up Europe Fund

Vulnerability in SEPPMail Secure E-Mail Gateway allows RCE and email traffic access

US announces review of PFAS strategy with $1 billion drinking water funding push

Trending News

Tesla Dojo: Elon Musk’s big plan to build an AI supercomputer, explained

AI Health Coaches Are Coming Soon to a Device Near You

Sudanese Army Plays More Capital Khartoum from RSF | Sudan War News

Castilla-La Mancha Ignites Innovation: fiveclmsummit Redefines Tech Future

Local Power, Health Innovation: Alcolea de Calatrava Boosts FiveCLM PoC with Community Engagement

The Future of Digital Twins in Healthcare: From Virtual Replicas to Personalized Medical Models

Human Digital Twins: The Next Tech Frontier Set to Transform Healthcare and Beyond

What's Hot

Identity

Latest Posts

Trending News

Subscribe to Updates