The Hacker News

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

Cybersecurity researchers are calling attention to an active device code phishing campaign that's targeting Microsoft 365 identities across more than 340 organizations in the U.S., Canada, Australia, ...
SecurityWeek

Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability

CVE-2026-21992 can be used without authentication for remote code execution and it may have been exploited in the wild. Oracle on Friday issued out-of-band updates to patch a critical vulnerability ...