ConsentFix v3 attacks target Azure with automated OAuth abuse

A new attack type, dubbed ConsentFix v3, has been circulating on hacker forums, building on the previous technique by adding ...

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...

ClickUp Data Leak Exposes Enterprise Emails for Over a Year

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...