New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts ...

Should you stop logging in through Google and Facebook? Consider these SSO risks vs. benefits

Passkeys aren't simply an alternate way to authenticate with your favorite relying parties. Passkeys are about all users raising their personal operational security (aka "secop") to a higher level, ...

Google opens Gemini deep research to developers through Interactions API

Google has opened access to its Gemini Deep Research agent, positioning it as a developer-ready system through the newly launched Interactions API. Alongside it arrives DeepSearchQA, an open-sourced ...