The attack dominating financial services doesn't steal passwords. It resets MFA and steals the token.

Credential theft fell to 13% of breach vectors in 2026. Attackers now bypass MFA via help desk resets and OAuth token theft.
Yahoo Finance

Amazon says it shut down a token leaderboard: 'Don't use AI just to use AI'

Amazon is shutting down an employee-created leaderboard that promoted excessive use of AI. An Amazon spokesperson said it "was never intended to promote the use of AI for usage's sake." Amazon's move ...
Mint

Amazon tells staff to stop using AI just to use AI after shutting down its token leaderboard

The tech giant deprecated its employee-built "KiroRank" ranking system after concluding it was pushing staff to inflate AI activity rather than solve genuine business problems, as major corporations ...
TechRadar

OpenAI Codex tool with over 29,000 downloads linked to malicious npm supply chain attack stealing authentication tokens

A newly discovered supply-chain attack on npm is targeting software developers using OpenAI Codex. Codex is OpenAI’s coding assistant and software engineering agent that can write and review code, fix ...
Homeland Security Today

FBI Warns Phishing Kit is Bypassing Microsoft Multi-Factor Authentication Through OAuth Token Hijacking

The Federal Bureau of Investigation (FBI) has issued a Public Service Announcement (PSA) to warn the public about an emerging Phishing-as-a-Service (PhaaS) platform called Kali365, first seen in April ...
Bleeping Computer

FBI warns of Kali365 phishing service targeting Microsoft 365 accounts

The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass ...
CNBC

Tokens or humans? The new corporate trade-off

AI is turning out to be more expensive than enterprises expected, and CFOs are now trading future headcount for tokens. Roughly 95% of enterprise AI still runs on the priciest frontier models even for ...
Harvard Business Review

How People Are Really Using AI in 2026

It’s been three-and-a-half years since generative AI exploded onto the scene. In this past year, progress has continued its relentless pace: Vibe coding took off, companies embraced agentic workflows, ...
Wall Street Journal

Tokenmaxxing Maxes Out

This is an edition of the WSJ Technology newsletter, a weekly digest of tech columns, big stories and personal tech advice. If you’re not subscribed, sign up here. So long, #Tokenmaxxing. We hardly ...
Wall Street Journal

Corporate America Is Starting to Ration AI as Cost Skyrockets

Use of artificial intelligence by big companies is exploding—and the soaring cost has some of them pumping the brakes in a way that could complicate AI’s triumphal march across the economy. Executives ...
Ars Technica

AI costs how much? GitHub Copilot users react to new usage-based pricing system.

In April, GitHub announced that it was moving subscribers from request-based billing to a usage-based model for its AI-powered Copilot service. As that new pricing model goes into effect today, many ...