identity

New ConsentFix v3 attack automates Microsoft Azure account hijacking

• identity
• phishing

New ConsentFix v3 attack automates Microsoft Azure account hijacking

SC Staff May 4, 2026

ConsentFix v3 targets Microsoft Azure environments by first identifying valid tenant IDs and gathering employee details for...

Read More Read more about New ConsentFix v3 attack automates Microsoft Azure account hijacking

Supply chain attack against SAP npm packages facilitates credential theft

• data-security
• identity
• supply-chain

Supply chain attack against SAP npm packages facilitates credential theft

SC Staff May 1, 2026

Threat actors have compromised four SAP npm packages with credential-stealing malware as part of the new mini...

Read More Read more about Supply chain attack against SAP npm packages facilitates credential theft

AI and identity-first attacks reshape MSP security landscape

• aiml
• identity
• threat-intelligence

AI and identity-first attacks reshape MSP security landscape

SC Staff May 1, 2026

Guardz's 2026 State of MSP Threat Report indicates that AI has rendered traditional phishing tactics obsolete, enabling...

Read More Read more about AI and identity-first attacks reshape MSP security landscape

OpenAI enhances ChatGPT security with YubiKey partnership

• aiml
• identity
• security-operations

OpenAI enhances ChatGPT security with YubiKey partnership

SC Staff May 1, 2026

OpenAI's new Advanced Account Security program, available to all ChatGPT users, includes a partnership with Yubico to...

Read More Read more about OpenAI enhances ChatGPT security with YubiKey partnership

2 threat groups linked to The Com target critical infrastructure with data theft

• identity
• phishing
• security-operations
• threat-intelligence

2 threat groups linked to The Com target critical infrastructure with data theft

SC Staff May 1, 2026

These financially-motivated attackers, closely aligned with Scattered Spider, use voice-phishing and social engineering to breach victims' identity...

Read More Read more about 2 threat groups linked to The Com target critical infrastructure with data theft

GoDaddy under fire for alleged unauthorized domain transfer

• identity
• security-operations

GoDaddy under fire for alleged unauthorized domain transfer

SC Staff April 30, 2026

The incident involved a domain belonging to an anonymous American non-profit with 20 locations nationwide.

Read More Read more about GoDaddy under fire for alleged unauthorized domain transfer

Ukrainian police arrest 3 hackers for hijacking 610,000 Roblox accounts

• identity

Ukrainian police arrest 3 hackers for hijacking 610,000 Roblox accounts

SC Staff April 30, 2026

The suspects, including a 19-year-old, allegedly used stolen session cookies to bypass password requirements and access Roblox...

Read More Read more about Ukrainian police arrest 3 hackers for hijacking 610,000 Roblox accounts

Securing every door: Scalable strategies to manage machine and AI agent risks

• aiml
• identity
• security-management

Securing every door: Scalable strategies to manage machine and AI agent risks

Paul Wagenseil April 29, 2026

You need ways to control your AI agents, and identity management may be the key.

Read More Read more about Securing every door: Scalable strategies to manage machine and AI agent risks

Vimeo confirms customer data accessed following Anodot breach

• data-security
• identity
• supply-chain

Vimeo confirms customer data accessed following Anodot breach

SC Staff April 29, 2026

The breach was claimed by the ShinyHunters extortion group, which threatened to leak the data by April...

Read More Read more about Vimeo confirms customer data accessed following Anodot breach

Microsoft patches Entra ID bug that let AI agents escalate privileges

• aiml
• generative-ai
• identity
• privileged-access-management

Microsoft patches Entra ID bug that let AI agents escalate privileges

Steve Zurier April 28, 2026

Flaw in Entra ID AI agent role enabled privilege escalation and takeover.

Read More Read more about Microsoft patches Entra ID bug that let AI agents escalate privileges