Hackers target Microsoft Entra accounts in device code vishing attacks

Threat actors are targeting technology, manufacturing, and financial organizations in campaigns that combine device code phishing and voice phishing (vishing) to abuse the OAuth 2.0 Device ...
MIT Technology Review

Hackers made death threats against this security researcher. Big mistake.

Allison Nixon had helped arrest dozens of members of The Com — a loose affiliation of online groups responsible for violence ...
Graham Cluley

Smashing Security podcast #442: The hack that messed with time, and rogue ransom where negotiators

Time itself comes under attack as a state-backed hacking gang spends two years tunnelling toward a nation’s master clock — with chaos potentially only a tick away. Plus when ransomware negotiators ...
TechCrunch

Google says hackers stole data from 200 companies following Gainsight breach

Google has confirmed that hackers have stolen the Salesforce-stored data of more than 200 companies in a large-scale supply chain hack. On Thursday, Salesforce disclosed a breach of “certain customers ...
TechCrunch

Hacks, thefts, and disruption: The worst data breaches of 2025

Every year, TechCrunch looks back at the cybersecurity horror shows of the past 12 months — from the biggest data breaches to hacks resulting in weeks of disruption — to see what we can learn. This ...
Graham Cluley

Smashing Security podcast #440: How to hack a prison, and the hidden threat of online checkouts

A literal insider threat: we head to a Romanian prison where “self-service” web kiosks allowed inmates to run wild. Then we head to the checkout aisle to ask why JavaScript on payment pages went feral ...

Texas sues TP-Link over Chinese hacking risks, user deception

Texas sued networking giant TP-Link Systems, accusing the company of deceptively marketing its routers as secure while ...