More from Mark Russinovich’s Ignite 2025 sessions, detailing software developments that underpin Microsoft’s move to ...

The California Privacy Protection Agency kicked off 2026 by launching a tool that state residents can use to make data ...

Big updates to tax laws are coming this year, affecting everything from deductions to funding for retirement accounts. With ...

Parents of a Kentucky State student killed on campus face Indiana intimidation charges. The Kentucky case ended at grand jury ...

The holidays may be behind us, but the local excitement is just getting started. In our first installment of Steals, Deals & ...

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Proofpoint reports phishing surge abusing Microsoft OAuth 2.0 device code flow Victims enter ...

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...

Threat actors are abusing the legitimate device-linking feature to hijack WhatsApp accounts via pairing codes in a campaign dubbed GhostPairing. This type of attack does not require any authentication ...

Low staffing at the FDA has prevented the agency from adequately overseeing the more than 190,000 devices under its purview, according to a Dec. 12 report from ProPublica and the Pittsburgh ...

Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code authorization mechanism. Attackers trick victims into entering a device code on ...