Financially motivated and nation-state threat groups are behind a surge in the use of device code phishing attacks that abuse Microsoft's legitimate OAuth 2.0 device authorization grant flow to trick ...

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat ...

Hackers have found a way to quietly take over WhatsApp accounts without touching passwords, SMS codes, or the app’s ...

Proofpoint has warned about phishing campaigns abusing legitimate device authorization flow to bypass MFA and gain persistent ...

Threat actors are abusing the legitimate device-linking feature to hijack WhatsApp accounts via pairing codes in a campaign ...

Bihar has become a cyber fraud hotspot, targeting busy parents, students, and job seekers through scams and phishing tactics.

Public sector lender Canara Bank today announced the launch of ‘Canara ai1Pe’, a unified UPI-based digital payments application, aimed at offering fast, secure, and convenient payment services to ...

Cybercriminals, including state-sponsored threat actors, are increasingly abusing Microsoft’s OAuth 2.0 device code ...

GhostPairing is a sophisticated social engineering attack that abuses WhatsApp's legitimate multi-device linking functionality. Malicious actors trick users into unknowingly pairing an attacker's ...

Threat actors include Scattered Spider (UNC3944), Black Basta, RansomHub, and NoEscape. TTPs comprise SIM-swapping to bypass multi-factor authentication (MFA), compromise of cloud and SaaS-based ...

We use the term GhostPairing Attack because the victim is tricked into completing WhatsApp’s own device pairing flow, adding ...

TRAVELING is exciting, but it also comes with risks we often overlook. While we worry about delayed flights or lost luggage, ...