The Hacker News

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

Device code phishing targets 340+ Microsoft 365 orgs since Feb 2026 via OAuth abuse, enabling persistent token hijacking and ...
Windows Report

Microsoft Entra ID Fixes MFA Limits With External Support

Microsoft just made external MFA generally available in Entra ID. This update lets businesses easily use third-party security ...
Biometric Update

AI agent identity and next‑gen enterprise authentication prominent at RSAC 2026

Vendors are rolling out new hardware, biometric and passwordless technologies designed to secure both humans and autonomous ...

New KB5085516 emergency update fixes Microsoft account sign-in

Microsoft has released an emergency update to address a major issue that breaks sign-ins with Microsoft accounts across ...

Microsoft Azure Monitor alerts abused for callback phishing attacks

Microsoft Azure Monitor alerts are being abused to send callback phishing emails that impersonate warnings from the Microsoft ...

RSA Announces Expanded Partnership with Microsoft, Enhances Leadership in Passwordless Identity Security

RSA today announced expanded support for the new Microsoft 365 E7: The Frontier Suite solution at RSAC Conference 2026. This new support joins additional passwordless capabilities that provide ...
American Banker

Iran-linked cyberattack prompts Microsoft Intune warnings

CISA and Microsoft urge organizations to secure endpoint management systems as threat actors increasingly seek to disrupt ...

Windows 11 Patch Triggers Sign-In Failures Across Microsoft Apps

A Windows 11 security update triggered Microsoft app sign-in failures, prompting an emergency patch and a manual workaround ...

Microsoft outlines agentic AI security strategy with new Defender, Entra and Purview capabilities

Microsoft outlines agentic AI security strategy with new Defender, Entra and Purview capabilities - SiliconANGLE ...

Microsoft reminder of next phase of Kerberos RC4 hardening

Microsoft wants to get rid of insecure RC4 encryption. The company points out that the next phase starts in April.

US government sends 'Microsoft message' to companies after hackers brought down one of America's biggest company for days

Following a cyberattack on a major US medical firm, the US government has issued a critical advisory. Companies are urged to ...
Security Boulevard

FIRESIDE CHAT: In the AI age, your MFA, authentication apps can be compromised in minutes

The authentication layer that corporate America spent a decade building is now a liability. Listen to the podcast:The day MFA ...