CSO Online

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Proofpoint has warned about phishing campaigns abusing legitimate device authorization flow to bypass MFA and gain persistent ...
Hackaday

This Week In Security: PostHog, Project Zero Refresh, And Thanks For All The Fish

There’s something immensely satisfying about taking a series of low impact CVEs, and stringing them together into a full exploit. That’s the story we have from [Mehmet Ince] of ...
The Hacker News

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...
IEEE

Practical and Secure Password Authentication and Key-Agreement-Scheme-Based Dual Server for IoT Devices in 5G Network

Abstract: As the proliferation of 5th generation mobile communication technology (5G) accelerates the adoption of Internet of Things (IoT) applications, building robust and secure communication ...
IEEE

Blockchain-Assisted Secure Intra/Inter-Domain Authorization and Authentication for Internet of Things

Abstract: Multidomain Internet of Things (IoT) is faced with serious domain interoperability (DI) and compatibility issues since different intradomain authorization and authentication (A&A) mechanisms ...
Federal Register

Agency Information Collection Activities; Revision; Arrival and Departure Record (Form I-94) and Electronic System for Travel Authorization (ESTA)

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.