IEEE

SEED-VII: A Multimodal Dataset of Six Basic Emotions With Continuous Labels for Emotion Recognition

Abstract: Recognizing emotions from physiological signals is a topic that has garnered widespread interest, and research continues to develop novel techniques for perceiving emotions. However, the ...
TMCnet

HTTP Got TLS. APIs Got OAuth. MCP Got Nothing. Permit.io Launches the Gateway to Fix That.

AI agents are already in production. They query CRMs, read codebases, write to data warehouses, and chain tool calls across sensitive systems, all through MCP. But the teams responsible for security ...
The Hacker News

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets

Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional phishing defenses implemented in email and browsers. The ...
SecurityWeek

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass

Tracked as CVE-2026-24858, the bug allows attackers to log into devices registered to other FortiCloud accounts. Fortinet on Tuesday rolled out emergency patches for a FortiCloud SSO login ...
InfoQ

Microsoft Releases Azure Functions Support for Model Context Protocol Servers

Microsoft has moved its Model Context Protocol (MCP) support for Azure Functions to General Availability, signaling a shift toward standardized, identity-secure agentic workflows. By integrating ...
The Hacker News

Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data

A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat agent.
Windows Report

Microsoft extends Basic Authentication and makes changes to HVE in Microsoft 365

Microsoft has announced that High Volume Email (HVE) in Microsoft 365 will continue to support basic authentication until September 2028. The idea is to give businesses more time to move to modern ...
Bleeping Computer

Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts

Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees of organizations related to Ukraine and human rights. The adversary ...
GitHub

inconsistent OAuth basic auth header treatment between broker and schema registry clients

We were facing an issue in a deployed environment where the same set of OAuth credentials were successful for the broker connection but were failing with an HTTP 401 from the schema registry client.
Bleeping Computer

Botnet targets Basic Auth in Microsoft 365 password spray attacks

A massive botnet of over 130,000 compromised devices is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide, targeting basic authentication to evade multi-factor ...
GitHub

bug: first steps, discord login: [auth][cause]: WWWAuthenticateChallengeError: server responded with a challenge in the WWW-Authenticate HTTP Header

After creating a new t3g app (my first ever) with TS, Prisma, tRPC, PostGres and creating and configuring a new discord app, after logging in via Discord oauth ...