The Hacker News

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

Device code phishing targets 340+ Microsoft 365 orgs since Feb 2026 via OAuth abuse, enabling persistent token hijacking and ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.
Security Boulevard

Your API Has Authorization Bugs. Hadrian Finds Them.

Authorization vulnerabilities are the most common critical finding in our API penetration tests. We find them on nearly every ...
Dark Reading

When Good Tokens Go Bad

Tokens are an identity's crown jewel for digital authentication and authorization. Whether they are human or machine, and instantiated as API tokens, OAuth credentials, session tokens, or ephemeral ...
Business Wire

VeriSign Licenses Mobile Tokens and Mobile Authentication Services from Diversinet

Diversinet Corp. (OTCBB:DVNTF), a leading provider of mobile device security and authentication solutions for the mobile data ecosystem, today announced an OEM licensing agreement with VeriSign, Inc. ...