Passkeys: What They Are and Why You Need Them ASAP

Cybercriminals Create New Forums and Interrupt School Finals

June 8, 2026

Read on for the latest from the criminal underground, including threat actor & forum activity, the Canvas breach, device code phishing trends, and what to

What You Need to Know About Google DBSC & its Ability to Prevent Session Hijacking

June 1, 2026

Google announced a new feature called Device Bound Security Credentials (DBSC) for Chrome. Learn how it affects cookie theft and session hijacking.

Top Takeaways from the 2026 Verizon Data Breach Investigations Report

May 26, 2026

The 2026 Verizon DBIR is the largest breach dataset ever analyzed – and the findings hit close to home for identity security teams. SpyCloud unpacks

Device Code Phishing: The AiTM Attack That Bypasses MFA

May 8, 2026

Device code phishing is a fast-growing adversary-in-the-middle (AiTM) attack that exploits OAuth 2.0 device flow to harvest access and refresh tokens — bypassing MFA. SpyCloud

ShinyHunters, Supply CHAINS$ & Sketchy New Criminal Forums

May 7, 2026

Read on for the latest in supply chain compromises, cloud account takeovers, and breach forum shake-ups as we break down the biggest cybercrime trends of

PRESS RELEASE