Microsoft Graph delta queries allow applications to identify added, changed, or deleted objects without performing a full read of the entire resource. This mechanism is ideal for synchronizing local data stores with Entra ID but is unsuitable for long-term reporting due to a seven-day token expiration limit. Because these tokens expire quickly, they cannot establish the 30-day baseline required for monthly change tracking.

Source

The Linux Foundation has introduced the Agent Name Service (ANS), an open standard designed to provide artificial intelligence agents with trusted identities. This framework utilizes the existing Domain Name System (DNS) to verify an agent's organizational affiliation and specific permissions. By anchoring identity to DNS, the service avoids proprietary registries and allows for the verification of an agent's code integrity and activity history.

Source

A supply chain attack targeting the market intelligence platform Klue has resulted in the theft of OAuth tokens used by several high-profile organizations. The Icarus extortion group gained access to Klue's infrastructure by exploiting a dormant legacy credential for a prototype integration service. Once inside, the threat actors exfiltrated OAuth tokens that allowed them to query connected third-party environments, specifically targeting Salesforce CRM data.

Source

Anthropic has updated its privacy policy to include mandatory identity verification for consumer accounts under specific circumstances. Starting July 8, 2026, users of the Free, Pro, and Max plans may be required to submit government-issued identification and biometric data. This process involves capturing a live selfie and a scan of a photo ID to generate facial geometry templates for authentication.

Source

Salesforce has disabled the Klue Battlecards app integration after a security breach at the competitive intelligence firm exposed customer data. The incident originated from a compromised legacy credential within Klue's infrastructure, which allowed an extortion group known as Icarus to push malicious code. This code collected OAuth tokens that customers use to connect Klue to their own environments, effectively bypassing standard authentication measures like passwords or multi-factor authentication.

Source

IBM and Microsoft have launched a collaborative service designed to bridge the gap between detecting identity-based threats and executing governed remediation. The partnership integrates Microsoft’s security telemetry with IBM’s managed response services to address the rising volume of credential-based attacks. This solution specifically targets risks such as multi-factor authentication abuse, token theft, and unauthorized privilege escalation.

Source

Anthropic has announced the general availability of Workload Identity Federation (WIF) on the Claude Platform. This feature supports any OpenID Connect (OIDC) compliant identity provider, including AWS IAM, Azure managed identities, and Google Cloud Platform service accounts. It applies to all Claude API endpoints, first-party software development kits (SDKs), and Claude Code.

Source