{"id":222832,"date":"2026-03-12T09:14:00","date_gmt":"2026-03-12T13:14:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/12\/oauth-trap-edr-killer-signal-phishing-zombie-zip-ai-platform-hack-more\/"},"modified":"2026-03-12T13:35:08","modified_gmt":"2026-03-12T17:35:08","slug":"oauth-trap-edr-killer-signal-phishing-zombie-zip-ai-platform-hack-more","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/12\/oauth-trap-edr-killer-signal-phishing-zombie-zip-ai-platform-hack-more\/","title":{"rendered":"OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack &#038; More"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/03\/threatsday-bulletin-oauth-trap-edr.html\">OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack &#038; More<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/03\/threatsday-bulletin-oauth-trap-edr.html\">https:\/\/thehackernews.com\/2026\/03\/threatsday-bulletin-oauth-trap-edr.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-12 09:14:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<p><span class=\"p-author\">\ue804<span class=\"author\">Ravie Lakshmanan<\/span>\ue802<span class=\"author\">Mar 12, 2026<\/span><\/span><span class=\"p-tags\">Cybersecurity \/ Hacking News<\/span><\/p>\n<p>Another Thursday, another pile of weird security stuff that somehow happened in just seven days. Some of it is clever. Some of it is lazy. A few bits fall into that uncomfortable category of \u201cyeah\u2026 this is probably going to show up in real incidents sooner than we\u2019d like.\u201d<\/p>\n<p>The pattern this week feels familiar in a slightly annoying way. Old tricks are getting polished. New research shows how flimsy certain assumptions really are. A couple of things that make you stop mid-scroll and think, \u201cwait\u2026 people are actually pulling this off?\u201d<\/p>\n<p>There\u2019s also the usual mix of strange corners of the ecosystem doing strange things \u2014 infrastructure behaving a little too professionally for comfort, tools showing up where they absolutely shouldn\u2019t, and a few cases where the weakest link is still just\u2026 people clicking stuff they probably shouldn\u2019t.<\/p>\n<p>Anyway. If you\u2019ve got five minutes and a mild curiosity about what attackers, researchers, and the broader internet gremlins were up to lately, this week\u2019s ThreatsDay Bulletin on The Hacker News has the quick hits. Scroll on.<\/p>\n<ol class=\"td-timeline\" role=\"list\">\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<p>    <span class=\"td-punch\">OAuth consent abuse<\/span><\/p>\n<p class=\"td-desc\">\n      Cloud security firm Wiz has warned of the dangers posed by malicious OAuth applications, highlighting how &#8220;consent fatigue&#8221; could open the door for attackers to gain access to a victim&#8217;s sensitive data by giving their malicious apps a legitimate-looking name. By accepting the permissions requested by a rogue OAuth application, the user is &#8220;adding&#8221; the attacker&#8217;s app into their company&#8217;s tenant. &#8220;Once &#8216;Accept&#8217; is clicked, the sign-in process is complete,&#8221; Wiz said. &#8220;But instead of going to a normal landing page, the access token is sent to the attacker&#8217;s Redirect URL. With that token, the attacker now has access to the user&#8217;s files or emails without ever needing to know their password.&#8221; The Google-owned company also said it detected a large-scale campaign active in&#8230;<\/p>\n<\/li>\n<\/ol>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/03\/threatsday-bulletin-oauth-trap-edr.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack &#038; More https:\/\/thehackernews.com\/2026\/03\/threatsday-bulletin-oauth-trap-edr.html Publish&#8230;<\/p>\n","protected":false},"author":1,"featured_media":222833,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiXV4c7kTpbuiCqYlpV1_7JzOZ3Pz-M51G5q4u6vUoAjUZF32E3z0pJ7mNpG3gz4N9ai7SaQ-nDNpYJWfLc7e8CeYKCeNJQH8OAljb8V6HB_r4s1MWBYCoduTSf4iPbtpSqnIxpp2uXGGikUKEXUVlhEtFeB_Ddaw83fcaC9tmy-mBCWNRBzNnFoNyJTxDV\/s1600\/tday.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,35,25],"class_list":["post-222832","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-hacker","tag-phishing"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/222832"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=222832"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/222832\/revisions"}],"predecessor-version":[{"id":222834,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/222832\/revisions\/222834"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/222833"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=222832"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=222832"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=222832"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}