#authentication
11 stories taggedauthentication.

AI Agents Can Be Tricked Into Sending Money. Zscaler Has the Data.
A new study shows that some expensive, enterprise-grade AI assistants fall for hidden instructions that most humans would ignore, and experts warn the real danger is far bigger than a fake three-dollar fee.

WhatsApp Is Letting You Ditch Your Phone Number — Here's What That Means for Your Privacy
The world's most-used messaging app is adding usernames, so strangers no longer need your phone number to reach you. It's a meaningful privacy upgrade, but it comes with a scramble.

81 Million Login Attempts: A Massive Password Spray Attack Hit Microsoft 365 Users
Criminals hammered Microsoft accounts with automated login attempts for two weeks. At least 78 accounts were broken into — and many victims had multi-factor authentication switched on, just not set up correctly.

One Researcher, 14 Flaws, Millions of Indians at Risk
A young independent security researcher found gaping holes in Indian government portals — including an admin panel left wide open to the entire internet. The government fixed everything within three weeks.

Third DraftKings Credential-Stuffing Conspirator Sentenced to 18 Months
Nathan Austad gets a year and a half in federal prison, plus $1.8 million in forfeiture and restitution, closing out the last of the DraftKings account-takeover prosecutions.

MFA Alone Won't Save You: What Modern Attackers Know That Defenders Don't
A practitioner-focused webinar examines how threat actors sidestep conventional detection controls and why single-layer authentication assumptions are failing organizations.

Cisco's SD-WAN Manager Has a Write-to-Root Problem — and Attackers Found It First
CVE-2026-20262 lets an authenticated attacker overwrite arbitrary files on Cisco Catalyst SD-WAN Manager, with a clear path to root. No workaround exists. Exploitation is already underway.

Zero Trust Turns 15 and Still Can't Get Out of Its Own Way
The 'never trust, always verify' model isn't failing because the idea is wrong. It's failing because organizations keep treating a security philosophy like a SKU.

The 2026 Cybersecurity Stars Awards Land — 95 Categories, One Long Trophy Table
An industry awards program names winners across product, team, and company categories. The interesting question is what — if anything — the list tells us about where defenders are actually winning.

The Alert Queue Is Full. So Is the Graveyard of Missed Threats.
When every event screams critical, nothing is. AI and automation are being drafted to fix a triage problem that human analysts simply can't outrun anymore.

The Linux Foundation Wants DNS to Be the Phone Book for AI Agents
DNS-AID proposes using existing DNS infrastructure for agent discovery — no new directories, no vendor lock-in, no new protocols to trust.