Threat ManagementNorth Korean hacker caught within days by geography slipSC StaffMarch 25, 2026Hackread reports that a suspected North Korean operative managed to slip through hiring checks for a Western company last year, only to be caught within 10 days when a routine login from St.
IdentityMicrosoft flags phishing campaign abusing Entra ID, Google OAuth linksLaura FrenchMarch 4, 2026The OAuth URLs intentionally include an invalid scope, forcing redirection to malicious sites.
Application securityShadow AI expands attack surfaces beyond visibilityChris BoehmMarch 3, 2026AI sprawl and machine identities outpace governance, demanding real-time, dynamic defense.
Threat ManagementNorth Korea’s Lazarus Group targets US, Middle East healthcare sectorsSteve ZurierFebruary 24, 2026Threat actor focuses on identity-based attacks followed by a ransomware drop.
IdentityPDF phishing attack leads to stolen Dropbox credentialsLaura FrenchFebruary 2, 2026The attack uses seemingly benign attachments and trusted cloud infrastructure to evade detection.
Security Operations860GB of Target source code stolen. No one knows who did itMora GozaniJanuary 28, 2026A source code leak shows how compromised identities and blind spots can expose dev environments.
Application securityResearchers find 16 browser extensions stealing ChatGPT session tokensLaura FrenchJanuary 27, 2026One of the malicious ChatGPT “mods” has a featured badge on the Chrome Web Store.