Bleeping Computer

Microsoft fixes critical Azure CLI flaw that leaked credentials in logs

Microsoft has fixed a critical security vulnerability that could let attackers steal credentials from GitHub Actions or Azure DevOps logs created using Azure CLI (short for Azure command-line ...
Morningstar

Push Security Uncovers “ConsentFix”: A New Class of Browser-Native Phishing Attack

BLACK HAT, EUROPE — (Booth #305) — Push Security, a leader in browser-based detection and response, today announced the discovery of a new class of phishing attack that enables Microsoft account ...