ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...

Microsoft Copilot reprompt exploit allowed attackers to steal your AI data

Varonis Threat Labs has published a report detailing a now patched security exploit discovered in Copilot that let attackers ...
Dark Reading

Attackers Abuse Python, Cloudflare to Deliver AsyncRAT

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade ...
Bleeping Computer

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities. Previously spread through pirated software ...
CSOonline

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...
The Conversation

The #iwasfifteen hashtag and ongoing Epstein coverage show how traffickers exploit the vulnerabilities of teens and tweens

Anne P. DePrince has received funding from the Department of Justice, National Institutes of Health, State of Colorado, and University of Denver. She has received honoraria for giving presentations ...
Associated Press

China exploits US-funded research on nuclear technology, a congressional report says

Copyright 2026 The Associated Press. All Rights Reserved. Copyright 2026 The Associated Press. All Rights Reserved. Flags of the U.S. and China are displayed at the ...