Credential theft fell to 13% of breach vectors in 2026. Attackers now bypass MFA via help desk resets and OAuth token theft.

Amazon is shutting down an employee-created leaderboard that promoted excessive use of AI. An Amazon spokesperson said it "was never intended to promote the use of AI for usage's sake." Amazon's move ...

The tech giant deprecated its employee-built "KiroRank" ranking system after concluding it was pushing staff to inflate AI activity rather than solve genuine business problems, as major corporations ...

A phishing kit subverting Microsoft’s legitimate authentication flow lets attackers break into accounts without stealing ...

The Federal Bureau of Investigation (FBI) has issued a Public Service Announcement (PSA) to warn the public about an emerging Phishing-as-a-Service (PhaaS) platform called Kali365, first seen in April ...

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.

The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass ...

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...

The golden age of Microsoft’s GitHub Copilot appears to be at an end — for the little guy, at least. The company is switching its billing system from a flat subscription rate to a token-usage system ...

Shanghai futures would be tied to AI model building blocks China's daily token usage surged to 140 trillion by March 2026 China experts push for token futures to compete with US in AI tech and finance ...

This is an edition of the WSJ Technology newsletter, a weekly digest of tech columns, big stories and personal tech advice. If you’re not subscribed, sign up here. So long, #Tokenmaxxing. We hardly ...