Code within the Find My Device app suggests that Google is working on adding support for UWB tech to the network. We’ve also found code referencing AR actions, which speculatively ties in nicely with ...

Come along with me on a journey as we delve into the swirling, echoing madness of identity attacks. Today, I present a case study on how different implementations of OAuth 2.0, the core authentication ...

The Find My Device app on Android has taken on new importance with the launch of a network that helps you find smartphones, trackers, and other objects. However, one glaring omission thus far has been ...

Google may introduce more automatic enrollments for its Find My Device network. Location access and device location syncing could trigger automatic enrollment. Strings also suggest that Google would ...

Multiple Russian nation-state actors are targeting sensitive Microsoft 365 accounts via device code authentication phishing, a new analysis by Volexity has revealed. The firm first observed this ...

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...

An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing. The targets are in the ...