Microsoft 365 Under Siege: Phishing Campaign Bypasses MFA Across 5 Countries

A global phishing campaign targeting Microsoft 365 bypasses security codes using a legitimate login feature, impacting ...
The Hacker News

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

Device code phishing targets 340+ Microsoft 365 orgs since Feb 2026 via OAuth abuse, enabling persistent token hijacking and ...
AccountingWEB

HMRC poised to roll out agent MFA in June 2026

The UK’s tax authority has confirmed plans to bolster security for tax agents signing into its services by adding ...
CSOonline

Microsoft secretly stopped actors from snooping on your MFA codes

The issue could allow threat actors to brute force MFA authentication codes for Outlook, Teams, and Azure access with 50% accuracy. Microsoft may have silently fixed a problem with its MFA ...
Nasdaq

How To Protect Yourself With A More Secure Kind Of Multi-Factor Authentication

There are many ways to improve your security with multi-factor authentication, but some kinds offer more protection from hacking and tracking. In previous articles about security and data breaches, we ...
Bleeping Computer

OAuth Device Code Phishing: Azure vs. Google Compared

Come along with me on a journey as we delve into the swirling, echoing madness of identity attacks. Today, I present a case study on how different implementations of OAuth 2.0, the core authentication ...
Computer Weekly

Mandatory MFA pays off for GitHub and OSS community

Introducing a multifactor authentication (MFA) mandate for users of its platform has paid off for GitHub, which has reported a massive uplift in adoption in the past 12 months, as it continues its ...
Bitcoin Magazine

How To Protect Yourself With A More Secure Kind Of Multi-Factor Authentication

In previous articles about security and data breaches, we discussed the need for multi-factor authentication (MFA) on your Bitcoin accounts and any other accounts you want to protect. Hacks will ...