Quarkus也在持续进化，最新的Quarkus 3.30.6版本中，修复了JDK Flight Recorder扩展中的NullPointerException，同时移除了不再维护的LZ4Java项目，转而使用更可靠的替代品。这些改进确保了Quarkus在云原生应用开发中的竞争力。

JDK 26 JDK 26的早期访问构建版本Build 30在上周发布，其中包括对Build 29的更新，其中包括对各种问题的修复。更多关于该版本的详细信息可以在发布说明中找到。 JDK 27 JDK 27的早期访问构建版本Build 4也在上周发布 ...

Attackers trick users into approving access on real Microsoft pages OAuth device code phishing surged sharply since September 2025 Both cybercriminals and state-linked actors reportedly use this ...

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...

One of the season’s leading themes was “fashion as feeling”—a fitting sentiment not only captured in the movement of the clothes (the fringe! the feathers! the frothy lace!) as designers experimented ...

Attackers leveraged stolen secrets to hijack integrations and access customer data, highlighting the need for enterprises to audit connected apps and enforce token hygiene. Salesforce has disclosed ...

Come along with me on a journey as we delve into the swirling, echoing madness of identity attacks. Today, I present a case study on how different implementations of OAuth 2.0, the core authentication ...

In August 2025, attackers exploited the Salesloft-Drift OAuth integration to compromise over 700 organizations’ Salesforce instances. This wasn’t a direct vulnerability in Salesforce, but rather an ...

The August 2025 Salesloft Drift breach demonstrates a systemic security blind spot across all industries: third-party delegated access through OAuth integrations. Over 700 organizations — including ...

A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat agent.