Amazon.com Inc (NASDAQ:AMZN) is one of the best stocks to buy for the AI boom in the second half of 2026. Analysts are ...
The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...
Hackers used a backdoor through a little-known third-party app to steal LastPass customer data.
GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five countries. The ...
This article was written by our IT engineer, Ashish Dhakal. Please see the English version here. Email communication is essential for many applications, including ...
In December, the Push Security research team discovered and blocked a brand new attack technique that we coined ConsentFix. This technique merged ClickFix-style social engineering with OAuth consent ...
Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...
A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...