North Korean hackers continue to target software developers via social engineering attacks, according to researchers at Recorded Future.
North Korean hackers continue to target software developers via social engineering attacks, according to researchers at Recorded Future.
I am excited to announce my latest book, How AI and Quantum Impact Cyber Threats and Defenses: Shaping Your Cyber Defense Strategies.
Researchers at Okta warn that a series of phishing kits have emerged that are designed to help threat actors launch sophisticated voice phishing (vishing) attacks that can bypass multifactor authentication.
Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke
KnowBe4 Threat Labs has detected a sophisticated phishing campaign targeting North American businesses and professionals. This attack compromises Microsoft 365 accounts (Outlook, Teams, OneDrive) by abusing the OAuth 2.0 Device Authorization Grant flow, bypassing strong passwords and Multi-Factor Authentication (MFA).
The victim is directed to the legitimate Microsoft domain (microsoft.com/devicelogin) portal to enter an attack-supplied device code. This action authenticates the victim and issues a valid OAuth access token to the attacker’s application. The real-time theft of these tokens grants the attacker persistent access to the victim’s Microsoft 365 accounts and corporate data.
Valentine’s Day is usually a time for flowers and candlelight, but in recent years the digital dating landscape has shifted from a place of hope to a high-tech minefield. While “catfishing” was once the primary concern for online daters, 2026 has ushered in a more sinister era: the completely AI-enabled romance scam.
If you look back just a couple of years, the digital landscape looks almost unrecognizable. We’ve moved from AI being a cool new tool to it being at the heart of our online lives.
