All news

identity security

(4 articles)

May 21, 2026

When Identity Becomes the Attack Path: What to Know

Attackers are using identity as the primary attack vector. Learn how credential abuse and IAM flaws let threats bypass security entirely.

May 19, 2026

OAuth Consent Attacks: Bypassing MFA with Phishing

OAuth consent phishing lets attackers bypass MFA entirely by hijacking app permissions. Learn how the attack works and how to defend your users now.

Microsoft Entra ID Role Flaw Enabled Principal Takeover

April 28, 2026

Microsoft Entra ID Role Flaw Enabled Principal Takeover

Microsoft patched a critical Entra ID role assignment flaw that let attackers take over service principals. Here's what developers need to know now.

Orphaned Non-Human Identities: Find and Fix Them

April 16, 2026

Orphaned Non-Human Identities: Find and Fix Them

Orphaned non-human identities are silently expanding your attack surface. Learn how to find, audit, and eliminate them before attackers exploit them.