OAuth stories
A free account could have let attackers alter Zapier-maintained packages and hijack logged-in users' browser sessions, researchers said.
The expansion gives IT teams central control over AI agent permissions, reducing risky static keys and easing reviews as workplace use widens.
Trusted third-party access has let attackers quietly pull large volumes of Salesforce records from enterprise systems via a Klue integration.
More than half of Vercel deployments are now triggered by coding agents, as monthly AI token traffic has jumped tenfold.
The tie-up adds tighter access checks as firms deploy AI agents and browser tools more widely, amid rising identity attacks.
Security teams may gain relief from manual identity investigations as Offroad targets risks from human, machine and AI access with USD $7 million.
Customers can now govern AI agents across mixed systems as Okta adds Bedrock support and lets firms keep existing identity providers.
Businesses struggling with fragmented records can now give AI agents a shared data layer, as Airbyte adds search and write tools for workflows.
The update lets app users cap, approve and audit AI-driven payments while keeping control of their funds and spending limits.
Small firms and solo founders now get guided Google Ads setup and optimisation, easing a marketing hurdle for businesses with limited staff.
Longer outages at developer tools now threaten release schedules and productivity, with GitProtect estimating more than USD $740,000 in losses.
Enterprises face growing breach and compliance risks as autonomous software bypasses static access controls and acts across systems without oversight.
AI agents are set to erode ad-funded web traffic, forcing businesses to pivot from screen-based funnels to metered API revenue.
New guidance aims to help firms curb data leakage and rogue actions as AI agents and models are embedded in daily operations.
Customers were urged to rotate secrets after unauthorised access to Vercel systems exposed a limited set of credentials via a third-party AI tool.
Malicious rules are helping hackers hide in Microsoft 365 inboxes, with Proofpoint saying it saw the tactic in 10% of taken-over accounts.
Hundreds of Microsoft 365 users are being compromised daily as attackers bypass passwords with device code phishing and OAuth tokens.
Independent checks on digital identity products will now be carried out by Kantara as the OpenID Foundation expands its conformance programme.
Security teams gain a forensic trail and workflow hub as Vorlon adds incident response tools for AI agents across SaaS apps and APIs.
Attackers are now moving fast enough that patching delays, standing privilege and inherited trust leave organisations exposed within minutes.
