Okta

A new wave of attacks combines device code phishing with voice phishing (vishing) to compromise Microsoft Entra accounts, exploiting the…

A major data breach at Figure Technology Solutions, caused by a sophisticated social engineering attack, compromised the personal information of…

Figure Technology suffered a data breach due to a social engineering attack, where hackers accessed sensitive customer files, and the…

A sophisticated social engineering campaign is bypassing multi-factor authentication (MFA) using synchronized voice and email phishing attacks, successfully targeting major…

The ShinyHunters group uses sophisticated voice phishing (vishing) to steal employee credentials and bypass multi-factor authentication by impersonating IT support…

A major data breach at Match Group, parent company of Hinge, Tinder, and OkCupid, was caused by a phishing attack…

Securing identity providers like Okta is critical as they act as central gatekeepers for digital access, with risks arising from…

The ShinyHunters gang is conducting a sophisticated voice phishing campaign, using social engineering to steal credentials and MFA codes by…

New phishing kits enable real-time credential interception and control of authentication flows, targeting users of major identity platforms like Google…

A new wave of sophisticated phishing attacks uses real-time voice calls and adversary-in-the-middle platforms to steal employee Okta credentials and…

OpenAI acknowledges that complete security for its AI-powered Atlas browser may be impossible, highlighting a core tension where the tools'…

The internet in 2025 is increasingly driven by automated systems, with bots and AI crawlers responsible for a significant portion…

The rise of AI agents accessing corporate data creates security blind spots, as current delegated access systems (like OAuth) bypass…

ImmuniWeb's Q4 update focuses on identifying AI-specific vulnerabilities, including the OWASP Top 10 for LLMs, and expands capabilities for detecting…

cnspec is an open-source tool that provides unified security and compliance scanning across diverse technologies, identifying vulnerabilities and misconfigurations to…

CrowdStrike fired an employee for sharing confidential information with the hacking group Scattered Lapsus$ Hunters, who posted evidence of internal…

Employees are most vulnerable to highly personalized phishing emails that mimic internal communications, particularly from HR or IT departments, due…

Insight Enterprises has acquired Sekuro to enhance its cybersecurity services across the Asia-Pacific region, strengthening protection for enterprise and government…

Keycard has launched an identity and access platform specifically for AI agents, enabling organizations to manage and secure them with…

Insight Enterprises' Australian subsidiary is acquiring Sekuro to strengthen its cybersecurity offerings in the Asia Pacific region, addressing the increasing…