O-UNC-066 uses vishing and a live phishing kit to trick Microsoft 365 users into enrolling attacker-controlled Entra passkeys ...
Microsoft 365 passkey phishing is now targeting enterprise employees mid-rollout: criminal group Pink cold-calls workers ...
A new phishing-as-a-service (PhaaS) operation called Forg365 focuses on stealing Microsoft 365 accounts by combining ...
A new data-extortion group called Helix is using identity-focused tactics such as voice phishing (vishing), device code ...
Explore why organizations must transition to phishing-resistant MFA, such as hardware keys, to effectively secure their ...
New Helix extortion group steals SharePoint data after compromising Microsoft 365 accounts through voice phishing and MFA abuse.
Digital security is crucial for journalists in Bangladesh ahead of the 2026 elections. Learn about risks and protective ...
Talos details ARToken, a PhaaS panel tied to EvilTokens that supports device code phishing, BEC workflows, SharePoint theft, ...
What happened Researchers have uncovered a new phishing campaign using the EvilTokens phishing kit that employs a technique known as “ghost phishing” to bypass traditional email security controls. The ...
Louis Mastelinck previews common Entra ID pitfalls around authentication, Conditional Access, privilege and app consent.
Singapore’s move to passkeys for SingPass highlights a shift in digital identity. Learn why enterprise adoption requires ...
Microsoft Corporation (NASDAQ:MSFT) is one of the top AI stocks to buy according to billionaire Philippe Laffont.