Identity Illuminated

02/10/2025

02/10/2025

Google

Mandiant provided proactive defenses against UNC6040's social engineering attacks that have led to several Salesforce breaches.

23/09/2025

When a clickjack attack managed to hijack a passkey authentication ceremony, were password managers really to blame? ZDNET's investigation reveals a more complicated answer.

22/09/2025

Microsoft patched CVE-2025-55241 July 17, 2025; CVSS 10.0 Entra ID bug via legacy Graph enabled cross-tenant impersonation risking tenant compromise.

11/09/2025

The phishing page is said to have prompted the co-maintainer to enter their username, password, and two-factor authentication (2FA) token, only for it to be stolen.

20 npm packages with 2B weekly downloads compromised after maintainer phishing led to crypto-stealing malware.

08/08/2025

Google has confirmed it has been hacked, and some user information has been stolen.

07/08/2025

ECS agent on EC2 exposes IAM credentials to containers, risking cross-task access without proper isolation.

04/07/2025

25/06/2025

ChainLink phishing - attackers relies on legitimate platforms and reputable domains to trick victims to give up their credentials.

19/06/2025

Debunk 5 dangerous MFA myths exposing your business. Learn how MFA2.0 prevents breaches. Free audit tool included....

Debunk 5 dangerous MFA myths exposing your business. Learn how MFA2.0 prevents breaches. Free audit tool included.