The Hacker News

âš¡ Weekly Recap: Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More

This week’s recap unpacks how evolving exploits, malware frameworks, and cloud missteps are reshaping modern cyber defense ...
CSO Online

Five Chrome extensions caught hijacking enterprise sessions

Malicious Chrome extensions posing as productivity tools were found stealing session tokens, blocking security controls, and ...

Credential-stealing Chrome extensions target enterprise HR platforms

Malicious Chrome extensions on the Chrome Web Store masquerading as productivity and security tools for enterprise HR and ERP ...
The Hacker News

Five Malicious Chrome Extensions Impersonate Workday and NetSuite to Hijack Accounts

Five fake Chrome extensions impersonate Workday and NetSuite to steal cookies, block admin controls, and hijack sessions for ...
Security Boulevard

OAuth Authorization Server Setup: Implementation Guide & Configuration

Learn how to build and configure an enterprise-grade OAuth authorization server. Covering PKCE, grant types, and CIAM best ...
Cloud Security Alliance

Reimagining the Browser as a Critical Policy Enforcement Point: A Zero Trust Security Architecture for Modern Enterprises

Explores turning the browser into a policy enforcement point within a Zero Trust framework, covering governance, MFA, device ...

ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...