The Hacker News

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

UNC6426 used stolen GitHub tokens from the 2025 nx npm breach to gain AWS admin access in under 72 hours, enabling data theft and cloud destruction.
InfoQ

Harbor 1.8 Includes OIDC Integration and Replication Enhancements

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Entra ID for Linux: Himmelblau 3.0 extends enterprise features

The open-source framework Himmelblau brings extensive new features for the integration of Linux systems with Microsoft Entra ID.
InfoQ

HashiCorp Boundary: Remote Access Management Service Adds OIDC Support

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Sophie Koonin discusses the realities of ...
Ars Technica

OpenIDConnect/Oauth2 and multiple audiences

* or one access token with multiple audiences? The scenario I'm thinking of is when apis are developed in separate product organisations, all being registered in the same identity service, but with ...