An attacker broke into competitive-intelligence vendor Klue, stole OAuth tokens its customers use to connect to Salesforce ...

With the advent of AI-mediated APIs, the era of manually hard-coding every integration between every microservice may be ...

Okta introduced Cross App Access, or XAA, in June 2025 as a way to govern agent-to-app and app-to-app connections. Today’s ...

Australian organisations are pushing AI agents into production faster than they can govern them. Most can't see what those ...

Hackers used a backdoor through a little-known third-party app to steal LastPass customer data.

Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.

Cloudflare ended years of partner-only restrictions on Wednesday, opening self-managed OAuth 2.0 to every developer on its platform. The move eliminates the manual onboarding process that previously ...

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...

OpenAI is rolling out the full, limited-release version of GPT-5.5-Cyber—a specialized AI model that outperforms its ...

The malware program has been deployed across multiple sectors since April, helping to provide initial access sold to ransomware gangs.