Skip to content
The Nexus
DossierENTITY

session tokens

Coverage of session tokens in the Nexus archive.

Earliest in view: May 25 · 12:45 UTCMost recent: Jun 17 · 10:30 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 17 · 10:30 UTCTHE HACKER NEWS
    The Top 10 Attack Surface Exposures in 2026

    The article highlights that breaches often originate from non-zero-day vulnerabilities, such as brute-forced admin panels and reused credentials. It specifically mentions the MongoBleed vulnerability, which allows attackers to extract credentials and session tokens from server memory without authentication, emphasizing the risks to internet-facing systems.

  • SECURITYMay 25 · 12:45 UTCBLEEPING COMPUTER
    FBI warns of Kali365 phishing service targeting Microsoft 365 accounts

    The FBI has issued a warning about the Kali365 phishing-as-a-service platform, which exploits OAuth device code authentication to hijack Microsoft 365 accounts. The service steals session tokens and bypasses multi-factor authentication (MFA), posing a significant cybersecurity threat.