Descope 2.0 Cuts AI Surface 25%, Zscaler 100% Pwn Rate, OAuth Phishing 149 M creds, GhostPoster steals 390 k passwords.

TL;DR

• Descope launches Agentic Identity Hub 2.0 to secure AI agents and MCP servers
• Zscaler’s 2026 AI Security Report reveals 100% of enterprise systems vulnerable to 16-minute compromise
• Microsoft Entra ID Agent Identities Exploited in OAuth-Consent Phishing Campaigns
• 16 Malicious Chrome Extensions Steal ChatGPT Session Tokens, Exfiltrate GitHub and Slack Data
• Credential-Stealing Malware Exposes 149 Million User Accounts Including 420K Binance Credentials

🛡️ Descope 2.0 Bouncer Cuts AI Attack Surface 25%

Descope Agentic Identity Hub 2.0 federates SSO, enforces least-privilege OAuth tokens; 25% smaller zero-day surface. 1B agents by 2029, 96% orgs lack registry, 68% pilot CopilotChat w/ free creds in Slack. Watch metered pricing vs breach-fatigue cost, human kill-switch still mandatory.

Your AI agents are partying harder than interns with a corporate Amex, and Descope just shipped a 2.0 bouncer named Agentic Identity Hub. Cute, right? Promises to slap federation handcuffs and least-privilege ball gags on every MCP server and errant LLM in the building. Translation: 25 % less surface for the next zero-day to tongue-kiss.

Who’s Bleeding This Time?

• Anthropic’s Git MCP—prompt-injection peep show.
• ServiceNow’s Virtual Agent—CVE-2025-12420, a.k.a. “knock-knock, no auth required.”
• One billion agents projected by 2029—think locusts, but they eat API keys.

What Hub 2.0 Actually Delivers

1. Federation glue—SSO on steroids; 80 % fewer stale IAM footprints.
2. OAuth client-cred flow—Level-2 bots get scoped tokens, not crown-jewel master keys.
3. Delegated auth ladder—Level-3 if agent A wants to puppet agent B; no free lateral moves.
4. Real-time policy engine—kills sessions faster than you can say “prompt injection.”
5. Dashboard spam—pretty graphs proving 30 % fewer AI-flavored breaches (they hope).

Market Reality Check

• 96 % of orgs swear they’ll build an agent registry—half will still dump creds in Slack by Friday.
• 68 % admit they’re piloting CopilotChat because it’s “free”—guess where security budget sits?
• Hub ’til you drop: subscription metered by active agents; cheaper than breach-fatigue therapy, pricier than a cron job plus prayer.

Bottom-Lines & B.S. Detector

Upside: Standardized auth means auditors quit whining, SOC sleeps four hours instead of two.
Downside: If you can’t architect least-priv inside your own spaghetti micro-services, Hub 2.0 becomes another overpriced pacifier.
Net: A solid shim for shops already sold on Descope; duct-tape federation for the rest. Roll it, log it, and keep a human with a kill-switch—because bots don’t fear HR.

💥 100% Pwn Rate in 16 Minutes

Zscaler scanned 100% pwn rate—16min avg to ransom. 327% agentic AI growth, 79% blind, 73% prompt-injectable.

Zscaler just drop-kicked 2026’s feel-good AI hype straight into the ICU: every single enterprise box they scanned is a 16-minute speed-run to “Game Over.” Not 16 hours, not 16 days—sixteen lousy minutes from “Hello, world” to “Hello, ransom note.” The report is 42 pages of corporate hemoglobin splatter, and the C-suite still wants to know why we can’t “move fast and break things.” Buddy, things are already broken—your perimeter, your pride, and probably your SOC intern’s will to live.

100 % pwn-rate? Did we run out of rock bottom? 🪨

Zero-day buffet on the menu: VoidLink, Reprompt, Cisco’s fresh CVE-2026-20045, plus whatever the underground TikTok chefs cook up before lunch. Patch Tuesday? More like Panic-Everyday. Meanwhile the board keeps asking for “AI ROI.” Sure—327 % growth in agentic crapware, 79 % of it flying blind, 73 % wide-open to prompt-injection vomit. Translation: we’re stapling jet engines to paper airplanes and wondering why they nosedive into the CISO’s forehead.

Sleep tight, heroes—your firewall is a screensaver and the CFO still thinks “exploit” is a verb for Excel. 🛌🖤

🔑 OAuth Phishing Feasts on 149M Creds

OAuth-consent phishing hits 28.5k Entra ID tenants/day, 149M creds now for sale. 72h EU breach fine clock ticks; block default app consent, grep logs hourly, patch in 24h or pay later.

Another sunrise, another 28,500 Microsoft Entra ID agents handing the keys to the kingdom to a URL that looks like it was typed by a drunk cat. OAuth-consent phishing is back on the menu, and this time the chefs—ShinyHunters et al.—spiced it up with vishing, fake Captcha pages, and something called “Markdown Exfiltrator” (sounds like a band, steals your data instead of your heart).

149 Million Passwords Walk Into a Bar…

… and none of them leave encrypted. The credential buffet now tops 149.4 M unique login/password pairs, freshly tagged, bagged, and up for bulk resale. If your corporate mantra is “we use MFA,” congrats—attackers simply ask users to MFA-consent to their own doom. One click, token issued, game over. No zero-day required, just zero-common-sense.

Microsoft’s Patch Hamster Wheel 🐹

Redmond’s security patches arrive faster than TikTok trends—install by lunch or get owned by dinner. The official timeline: 24 h for “enhanced” patches, 48 h for “advanced” phishing training. Translation: IT teams get to spend the weekend stapling notices that say “don’t click the shiny link” while C-suite counts the insurance deductible.

AI-Phishing: Now With Deepfake Voices

Move over typo-riddled prince emails; today’s lure is a concerned “IT voice” that knows your boss’s nickname and the exact amount of your last expense report. LLMs craft the script, voice-cloning delivers it, and the victim—still dazzled by the word “AI”—hands over the session cookie like it’s a party favor.

Budget Reality Check: $0 Defenses That Actually Work

1. Block consent to any new app by default—yes, even “ProductivityBoosterPro.”
2. Export sign-in logs to a $5 VPS and grep for “consent” every hour; congratulations, you just built a “next-gen” detection stack.
3. Slack-off the marketing department’s pleas for fancy SAML portals—they’ll thank you when the breach headline isn’t their logo.

EU Regulators Enter, Stage Left

Brussels just tightened the screws: miss the 72-hour breach notice window and fines scale with GDP, not your puny revenue. Cue every CISO frantically rewriting incident-response playbooks in Comic Sans to calm the board.

Next Episodes Already Filming

• Voice-print cloning of your CEO requesting wire transfers.
• Hyper-personalized phishing seeded from your own leaked Jira tickets.
• Zero-day in the “secure” AI copilot you rushed to deploy—because nothing says “future” like a chatbot with sysadmin rights.

Stay paranoid, stay patched, and remember: the only safe OAuth prompt is the one you nuked at the firewall.

🕵️ GhostPoster Chrome Extensions Steal 390k Passwords

GhostPoster extensions looted 390k passwords & 30M cookies via Stanley exploit; Google pulled 16 add-ons 27 Jan yet only 30% of victims removed them. 70% unpatched = 3.2M breach bill; rotate tokens, 2FA everything, trash unknown Chrome extensions before Lazarus & Konni pivot again.

Popped open Chrome this morning and—bam—your ChatGPT token, GitHub creds, and Slack snark are already on a Tor flea market. Sixteen extensions—cute little icons you installed to dim your screen or turn cat photos into haiku—were actually GhostPoster’s data-suction straws. Ten-day detection lag, 30 % patch uptake. Translation: we’re all walking around with digital “KICK ME” signs stapled to our MAC addresses.

Who Bankrolled the Heist? 🕵️‍♂️💸

Indicators scream “state or syndicate,” not some hoodie in mom’s basement. They weaponized the Stanley exploit to skip Google’s review queue, then chained it with Lazarus’ fake-font VS Code dropper. Net result: 390 k passwords, 30 million cookies, and one OpenAI team-invite phishing blast that hoodwinked multiple employees simultaneously. If that’s not a coordinated supply-chain gang-bang, I’m a Nigerian prince.

Why AI Extensions Are the New USB Drop 💉🤖

Session tokens are the cocaine of 2026: light, portable, and instantly tradable. Once the extension sniffs your chat.openai.com JWT, it politely asks GitHub and Slack APIs to roll over—no password needed. No 2FA either, because the browser already “trusts” you. It’s like giving your house key to the dog and acting surprised when the dealer moves in.

Patch? LOL, 70 % of You Won’t Bother 🦥🔥

Google yanked the extensions on Jan-27, but less than a third of victims have clicked “Remove.” The other 70 % are basically volunteering for round two. Meanwhile, Konni’s PowerShell malware is pivoting to blockchain devs, and Copilot Personal’s Reprompt bug is still handing out session rides like candy. Pro tip: if you can’t spare five minutes to nuke a rogue plugin, spare 3.2 million bucks for the breach bill—your CFO will happily invoice you.

Survival Cheat-Sheet 🛠️🍻

1. Chrome menu → Extensions → trash anything you didn’t install sober.
2. Rotate every token, API key, and password—yes, even the “super-secret” P@ssw0rd123.
3. 2FA on everything; hardware key if you’ve got one.
4. Yank VS Code extensions that auto-run tasks—your IDE is not a nightclub, stop letting strangers dance on your codebase.
5. Bonus credit: switch to Firefox, uBlock, and open-source tools that don’t monetize your soul—because the next 16 extensions are already warming up.

Now if you’ll excuse me, I’m off to pour whiskey into my coffee and audit the only extension I trust: the off button.

In Other News

• Amatera infostealer spreads via ClickFix CAPTCHA scams using App-V scripts
• BellSoft releases hardened Java container images reducing vulnerabilities by 95%
• Hackers exploit typosquatting domains like rnicrosoft.com to steal credentials via fake Microsoft emails
• Two VSCode Extensions Exfiltrate User Data to Chinese Servers
• KONNI Cybercriminal Group Deploys AI-Generated PowerShell Backdoor to Target South Korean Developers and Crypto Entities
• Nova Ransomware Claims Breach of KPMG Netherlands, Exfiltrates Sensitive Data
• AI-Assisted Coding Tool CKB Exposes 80+ MCP Tools for Security Scanning and Dead Code Detection
• TikTok Data Center Outage Disrupts US Operations, Sparks Regulatory Scrutiny and Privacy Policy Updates