New CoPhish attack steals OAuth tokens via Copilot Studio agents

A new phishing technique dubbed 'CoPhish' weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent ...
Bleeping Computer

Salesforce refuses to pay ransom over widespread data theft attacks

Salesforce has confirmed that it will not negotiate with or pay a ransom to the threat actors behind a massive wave of data theft attacks that impacted the company's customers this year. As first ...
GitHub

[ISSUE] Bearer tokens logged in exception messages

Full bearer tokens are logged in exceptions when a request fails and the API response cannot be parsed. This exposes sensitive credentials in logs, which is a security risk. The SDK has a ...
IEEE

User-Centric and Privacy-Preserving Attribute-Based Authentication in Healthcare Systems Leveraging zk-SNARKs and Soulbound Tokens

Abstract: Digital health services for disease diagnosis, followup, and patient empowerment manage data that belongs to a special class of personal information, according to the General Data Protection ...
TechCrunch

DeepSeek releases ‘sparse attention’ model that cuts API costs in half

Researchers at DeepSeek on Monday released a new experimental model called V3.2-exp, designed to have dramatically lower inference costs when used in long-context operations. DeepSeek announced the ...
GitHub

Clearer instructions for authenticating with an auth token

? How would you like to authenticate GitHub CLI? Paste an authentication token Tip: you can generate a Personal Access Token here https://github.com/settings/tokens ...