Device code phishing attacks surge 37x as new kits spread online

Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

New EvilTokens service fuels Microsoft device code phishing attacks

A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft ...
SDxCentral

Google Vertex agentic flaw latest chink in hyperscale AI armor

The stolen credentials also granted access to the Google Cloud storage buckets within the tenant project in which a Vertex ...

Google Stacking vs Traditional Link Building: A Strategic Comparison

WILMINGTON, DE - March 20, 2026 - PRESSADVANTAGE - G-Stacker has announced the general availability of its digital ...
CIO

Cloud required DevSecOps. AI requires DevSecEng

DevSecOps was fine for the cloud, but with AI agents now provisioning their own credentials, we need DevSecEng to keep these ...
Cloud Security Alliance

AI Identity Security Compliance Checklist

A practical checklist to secure AI agents within enterprise identity frameworks—authentication, authorization, token vaulting ...
Microsoft

Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees

Microsoft Incident Response – Detection and Response Team (DART) researchers observed an emerging, financially motivated ...
The Hacker News

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

Docker CVE-2026-34040 enables AuthZ bypass via padded requests, risking host compromise; fixed in version 29.3.1.
The Hacker News

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.