Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.
Bleeping Computer

Bitwarden introduces ‘Cupid Vault’ for secure password sharing

Bitwarden has launched a new system called ‘Cupid Vault’ that allows users to safely share passwords with trusted email addresses. Cupid Vault works by allowing users of the free version of Bitwarden ...
GitHub

Authelia Admin Control Panel

A web-based administration interface for managing Authelia authentication server with LLDAP. Configuration can be provided via YAML file or environment variables. Environment variables specific to the ...
Bleeping Computer

Malicious MoltBot skills used to push password-stealing malware

More than 230 malicious packages for the personal AI assistant OpenClaw (formerly known as Moltbot and ClawdBot) have been published in less than a week on the tool’s official registry and on GitHub.