The Hacker News

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

Device code phishing targets 340+ Microsoft 365 orgs since Feb 2026 via OAuth abuse, enabling persistent token hijacking and ...
Yahoo

One Million Two-Factor Authentication Codes Were Recently Exposed

One-time SMS codes are widely used as the second checkpoint in two-factor authentication (2FA) to sign into everything from banking apps to email accounts. As I've written before, though, SMS is one ...
Tidbits

Reacting to Unsolicited Two-Factor Authentication Codes

I have long encouraged the use of two-factor authentication (2FA) or two-step verification (2SV) with online accounts whenever possible (for more about the difference, see “Two-Factor Authentication, ...

Microsoft 365 Under Siege: Phishing Campaign Bypasses MFA Across 5 Countries

A global phishing campaign targeting Microsoft 365 bypasses security codes using a legitimate login feature, impacting ...
Forbes

Millions Of Google, WhatsApp, Facebook 2FA Security Codes Leak Online

Security experts advise against using SMS messages for two-factor authentication codes due to their vulnerability to interception or compromise. Recently, a security researcher discovered an unsecured ...
来自MSN

Is Your Account Secure? Here's Why Two-Factor Authentication Matters

This added security layer can be annoying but it can also protect you from hackers with only a few seconds of your time This article explains two-factor authentication and how to get verification apps ...
TechCrunch

WhatsApp now allows businesses to send authentication codes to users in India

WhatsApp now allows businesses to send authentication and login codes through its API to users in India. The company confirmed that it enabled this functionality in India starting July 1. Meta ...