The Microsoft Defender Security Research Team has confirmed that a pervasive new authentication code attack is compromising ...

Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more ...

Verizon Enterprise on Tuesday is launching QR codes as a two-factor authentication option in its universal identity service. What's unclear is how many companies will see the handy QR code as a way to ...

The Payment Services Directive (PSD2), introduces new rules on how the payment services are going to be governed. Strong Consumer Authentication (SCA) implements new standards where (Article 97) the ...

Come along with me on a journey as we delve into the swirling, echoing madness of identity attacks. Today, I present a case study on how different implementations of OAuth 2.0, the core authentication ...

Just as we think we’re getting one step ahead of cybercriminals, they find a new way to evade our defenses. The latest method causing trouble for security teams is that of device code phishing, a ...

I have long encouraged the use of two-factor authentication (2FA) or two-step verification (2SV) with online accounts whenever possible (for more about the difference, see “Two-Factor Authentication, ...

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

Jon has been an author at Android Police since 2021. He primarily writes features and editorials covering the latest Android news, but occasionally reviews hardware and Android apps. His favorite ...