Microsoft is bringing synced passkeys and biometrics for Entra ID account recovery to public preview, as the company leans ...

The surge in attempts to compromise Microsoft 365 accounts has been enabled by readily available phishing tools.

Threat Groups Hijack Microsoft 365 Accounts Using OAuth Device Code Exploit Security researchers warn that threat groups are ...

Cybercriminals have launched a widespread phishing campaign exploiting Microsoft's OAuth device code flow to bypass MFA and ...

Three "high-profile internet fraud suspects" have been arrested by Nigerian authorities on suspicion of participating in ...

Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code ...

Learn why modern SaaS platforms are adopting passwordless authentication to improve security, user experience, and reduce breach risks.

What’s new in a ConsentFix attack is that the attack happens entirely inside a browser, say the researchers, which removes one of the key detection opportunities because the attack doesn’t touch an ...

Your Microsoft or non-Microsoft-related accounts include content that’s important to you. So, finding yourself suddenly locked can be incredibly frustrating. Even more so when the account has your ...

If you use Microsoft Authenticator to store your login information, it's time to take action. This month, Microsoft began deleting stored payment methods from the app, and as of Aug. 1, 2025, stored ...

Authenticators from Google and Microsoft are already well-established, but the newly released Proton Authenticator may be worth the switch. Proton is the company behind Proton Pass, our top password ...