phishing
(7 articles)May 29, 2026
ChatGPhish: ChatGPT Web Summaries Enable Phishing
ChatGPhish turns ChatGPT's web summary feature into a live phishing surface. Here's how the attack works and what developers need to do now.
May 28, 2026
Claude Plugin, Azure Priv-Esc & MFA Bypass Threats
Claude security plugin flaws, Azure privilege escalation, Kali365 MFA bypass, and FIFA scams dominate this week's threat bulletin. Here's what developers need to know.
May 19, 2026
OAuth Consent Attacks: Bypassing MFA with Phishing
OAuth consent phishing lets attackers bypass MFA entirely by hijacking app permissions. Learn how the attack works and how to defend your users now.
May 2, 2026
ConsentFix v3: Automated OAuth Abuse Targets Azure
ConsentFix v3 automates OAuth phishing against Azure, bypassing MFA using Pipedream pipelines. Here's how the attack works and what developers must do now.
May 1, 2026
Facebook Accounts Hacked via Google AppSheet Phishing
30,000 Facebook accounts compromised through a Google AppSheet phishing campaign. Here's how the attack worked and what developers need to do now.
March 27, 2026
Fake VS Code Alerts on GitHub Spread Malware to Developers
A coordinated campaign is flooding GitHub Discussions with fake VS Code security alerts, tricking developers into downloading malware via Google Drive links.
March 27, 2026
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
Adversary-in-the-Middle phishing campaigns are hijacking TikTok Business accounts by bypassing Cloudflare Turnstile protections. Here's what devs need to know.