Google researchers say the hackers abused a third-party tool in an attack spree designed to harvest credentials.

Google Threat Intelligence Group shared its findings about a threat actor responsible for stealing Salesforce customer data ...

Phishing attackers bypassed Microsoft's verified publisher checks to create apps that dupe victims into granting access to their online accounts.