IT managers have limited visibility into when users give external apps access to company data. When those external apps are AI agents, the security risks multiply by orders of magnitude. Okta has ...

Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to get into Microsoft 365 accounts. Threat actors have cooked up a clever way ...

Purchasing a home security system once required having a technician come into your house to punch holes in your walls, then snake wires to every door and window ...

A trio of ongoing campaigns have highlighted once again the continued popularity among cybercriminals of malicious OAuth apps as a go-to attack method. In one wave of recent attacks, threat actors ...

This story was updated to add new information. Spring has sprung, bringing warmer days and blooming flowers. Thursday is the first day of spring, or the vernal equinox, in the Northern Hemisphere.

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full ...

A vulnerability that exposed millions of airline customers to potential account takeovers has highlighted the significant risks organizations face from misconfigured OAuth authentication processes.

Security researchers have unveiled critical vulnerabilities within web analytics provider Hotjar and global news outlet Business Insider. The findings, from Salt Labs, indicate heightened risks for ...

If you recently got an email from the Social Security Administration, don't ignore it. Millions of people who created an online my Social Security account before September 18, 2021, will soon have to ...