WinBuzzer

Microsoft 365 Phishing Surge: Attackers Weaponize Legitimate Device Code Flow to Bypass MFA

Cybercriminals have launched a widespread phishing campaign exploiting Microsoft's OAuth device code flow to bypass MFA and ...
GitHub

Kong Auth Mapper Plugin

A Kong plugin that maps incoming client credentials to different credentials and injects a Basic Authorization header for downstream services. This plugin is particularly useful for integrating with ...
Security Boulevard

Client ID Metadata Documents (CIMD): The Future of MCP Authentication

Struggling with MCP authentication? The November 2025 spec just changed everything. CIMD replaces DCR's complexity with a ...
GitHub

OAuth Client ID Metadata Document

See the guidelines for contributions. Contributions can be made by creating pull requests. The GitHub interface supports creating pull requests using the Edit ( ) button.

The coming AI agent crisis: Why Okta's new security standard is a must-have for your business

Counting Google, Amazon, and Microsoft among its early adopters, the new standard will provide organizations with more visibility and control over external applications. Here's how it works.
Microsoft

Personhood credentials: Artificial intelligence and the value of privacy-preserving tools to distinguish who is real online

Anonymity is an important principle online. However, malicious actors have long used misleading identities to conduct fraud, spread disinformation, and carry out other deceptive schemes. With the ...