Financially motivated and nation-state threat groups are behind a surge in the use of device code phishing attacks that abuse Microsoft's legitimate OAuth 2.0 device authorization grant flow to trick ...

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat ...

Hackers have found a way to quietly take over WhatsApp accounts without touching passwords, SMS codes, or the app’s ...

Proofpoint has warned about phishing campaigns abusing legitimate device authorization flow to bypass MFA and gain persistent ...

With a SIM-swapping attack, scammers hijack your phone number to gain access to apps on your phone—including banking apps. These tips can help you safeguard your most private information.

Threat actors are abusing the legitimate device-linking feature to hijack WhatsApp accounts via pairing codes in a campaign ...

India's Department of Telecommunications mandates SIM-binding for messaging apps like WhatsApp, requiring users to maintain ...

Bihar has become a cyber fraud hotspot, targeting busy parents, students, and job seekers through scams and phishing tactics.

Public sector lender Canara Bank today announced the launch of ‘Canara ai1Pe’, a unified UPI-based digital payments application, aimed at offering fast, secure, and convenient payment services to ...

Cybercriminals, including state-sponsored threat actors, are increasingly abusing Microsoft’s OAuth 2.0 device code ...

GhostPairing is a sophisticated social engineering attack that abuses WhatsApp's legitimate multi-device linking functionality. Malicious actors trick users into unknowingly pairing an attacker's ...

Threat actors include Scattered Spider (UNC3944), Black Basta, RansomHub, and NoEscape. TTPs comprise SIM-swapping to bypass multi-factor authentication (MFA), compromise of cloud and SaaS-based ...