Warning: Your AI-Generated Password Is a Major Security Risk. Here’s What to Use Instead

Having trouble coming up with good passwords? Don't rely on AI. Here's why.

Bitwarden Brings Passkey Logins to Windows 11, Expanding Passwordless Sign-Ins

Bitwarden now supports passkey logins on Windows 11 for Microsoft Entra ID users, extending passwordless sign-ins to device ...
MIT Technology Review

The usability imperative for securing digital asset devices

As the popularity and value of cryptocurrency rises, device designers are drawing on research and testing to optimally ...

Why Fallback Channels Are Now Core To Secure Authentication

Fallback channels do not eliminate risk, but they can absorb shocks. They can turn isolated failures into recoverable moments ...
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

OpenAI introduces Codex Security to help developers fix software vulnerabilities

Developers can activate OpenAI’s new tool by giving it access to the code repository they wish to scan. According to the ChatGPT developer, Codex Security creates a temporary copy of the repository in ...
Microsoft

AI as tradecraft: How threat actors operationalize AI

Threat actors are operationalizing AI to scale and sustain malicious activity, accelerating tradecraft and increasing risk for defenders, as illustrated by recent activity from North Korean groups ...
CSO Online

OAuth vulnerability in n8n automation platform could lead to system compromise

A weakness in the configuration of OAuth credentials opens up a stored XSS vulnerability in the n8n automation platform, ...
CRN

Microsoft Security’s Vasu Jakkal: E7, Agent 365 Tackle Shadow AI, ‘Double Agents’

Microsoft Security exec Vasu Jakkal says Microsoft 365 E7 and Agent 365 help govern and monitor AI agents, reducing double agent and shadow AI risks.
winbuzzer.com

Microsoft Entra Passkeys Bring Phishing-Resistant Windows Sign-In

Multi-factor authentication stops the majority of attacks, but adversary-in-the-middle phishing kits have emerged to steal session tokens and bypass even valid MFA challenges. Microsoft’s new Entra ...