Canary Trap’s Bi-Weekly Cyber Roundup

Canary Trap’s bi-weekly roundup details several concurrent high-impact cybersecurity issues: a Navia breach exposing millions of records including 287 HackerOne employees, a large OAuth device-code phishing campaign (linked to the EvilTokens PhaaS) that compromised Microsoft 365 sessions across 340+ organizations, critical TP-Link router vulnerabilities enabling authentication bypass and remote takeover, and a claimed Lapsus$ data theft from AstraZeneca; the report also notes the FCC’s policy to block new foreign-made consumer routers due to supply-chain and national-security concerns.