ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...
IEEE

Lightweight Blockchain for Authentication and Authorization in Resource-Constrained IoT Networks

Abstract: The Internet of Things (IoT) expansion has exposed connected devices to significant security vulnerabilities, particularly in terms of authentication and authorization. Traditional solutions ...
GitHub

Global Fishing Watch API Python Client

Map Visualization (4Wings API): Access AIS apparent fishing effort, AIS vessel presence, and SAR vessel detections between 2017 to ~5 days ago. Vessels API: Search and retrieve vessel identity based ...
The Hacker News

Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code

Trust Wallet is urging users to update its Google Chrome extension to the latest version following what it described as a "security incident" that led to the loss of approximately $7 million. The ...
The Hacker News

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

A suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to steal victims' Microsoft 365 credentials and conduct account takeover ...