Security news aggregator

Latest coverage for Authentication

Stay secure online with the latest on authentication techniques, best practices, and industry updates at the forefront of information security.

9 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Authentication confirms the identity of users or systems before granting access to resources, typically using factors like passwords (knowledge), hardware tokens (possession), or biometrics (inherence). It establishes trust boundaries that prevent unauthorized entities from impersonating legitimate users or devices within networks and applications.

Weak authentication enables attackers to perform account takeover, privilege escalation, or lateral movement by exploiting stolen credentials, phishing, or replay attacks. Deploying multi-factor authentication (MFA) with independent factors significantly reduces these risks. Secure credential storage, regular rotation, and monitoring authentication logs for anomalies are critical defenses to detect and block unauthorized access attempts early in the attack chain.

Showing 9 most recent headlines Filtered view

In December 2025, in response to the Sha1-Hulud incident, npm completed a major authentication overhaul intended to reduce supply-chain attacks. While the overhaul is a solid step forward, the changes don’t make npm projects immune from supply-chain attacks. npm is still susceptible to malware attacks – here’s what you need to know for a safer Node community

Bank Info Security 5 months, 1 week ago

Microsoft Beefs Up Runtime Security

Redmond Rolls Out 2 Desktop Security InitiativesMicrosoft is touting changes to Windows meant to ensure better runtime security and user prompts when apps access sensitive desktop resources such as files, a camera or microphone. Other controls include blocking legacy authentication protocols to ensure use of multifactor authentication.

Bank Info Security 5 months, 1 week ago

Moltbook Gave Everyone Control of Every AI Agent

Database Misconfiguration Exposed 1.5 million API TokensA misconfigured database at Moltbook, the viral social network for AI agents, exposed 1.5 million API authentication tokens, 35,000 email addresses and private messages. Security researchers discovered unauthenticated read and write access to all platform data within days of launch.

Bank Info Security 5 months, 1 week ago

Banks Face Dual Authentication Crisis From AI Agents

Experts Advise Moving From Verifying Identities to Knowing Agent IntentionsFinancial institutions are rushing to deploy AI agents capable of autonomously initiating transactions, approving payments and freezing accounts in real time. But AI agents are creating a "dual authentication crisis" that traditional security frameworks cannot address.