CSO Online

Azure SRE Agent flaw let outsiders silently eavesdrop on enterprise cloud operations

A multi-tenant authentication gap in Microsoft’s AI operations agent exposed live command streams, internal reasoning, and ...
CSO Online

Top techniques attackers use to infiltrate your systems today

Popular tool abuse, ClickFix, and identity-based attacks are among the most prevalent techniques bad actors are deploying ...
CoinDesk

Hack at Vercel sends crypto developers scrambling to lock down API keys

Breach tied to compromised AI tool may have exposed credentials used by app frontends, the user-facing layer that connects ...

Google Ads API to require multi-factor authentication

Google’s new MFA requirement for the Ads API strengthens security but may require advertisers to adjust authentication ...
Communications of the ACM

Subscription Bombing: Email under Attack

Email subscription bombing (also known as subscription flooding or email spam bombing) is an attack technique that overwhelms ...
Security Boulevard

API Keys vs. JWTs: Choosing the Right Auth Method for Your API

A developer needs to connect a service to an API. The documentation says to generate an API key, store it in an environment variable and pass it in a header. Five minutes later, the integration works.
InfoWorld

Curity looks to reinvent IAM with runtime authorization for AI agents

Traditional authentication is incapable of securing AI agents, the company says, as it announces Access Intelligence.
Visual Studio Magazine

BFF and SPAs: Best Friends Forever

Christian Wenz explains why the Backends for Frontends (BFF) pattern is emerging as a more secure authentication model for single-page applications.
Security Boulevard

The Complete Guide to Passwordless Authentication in 2026: How It Works, Why It Matters, and How to Implement It

Passwords are responsible for 80% of data breaches. Passwordless authentication eliminates the attack surface entirely. Here ...

Hundreds of orgs compromised daily in Microsoft device code phishing attacks

Hundreds of organizations have been compromised daily by a Microsoft device-code phishing campaign that uses AI and automation at nearly every stage of the attack chain to ultimately snoop through ...

Top 5 Best Customer Identity and Access Management (CIAM) Solutions in 2026

Compare the top 5 customer identity and access management (CIAM) platforms in 2026 to find the right fit for your product's ...