FusionAuth

The FBI took the domains, but Handala already proved that "logged in" doesn't mean "safe." They didn't use a wiper; they used a hijacked admin session and Microsoft Intune to factory reset 80k+ devices. As FusionAuth CEO Brian Bell puts it: "Attackers didn't need to break in; they walked through the front door. The safeguard must be contextual." The fix isn't a domain seizure. It's step-up auth for high-value administrative actions. If your admin can wipe a fleet without a secondary MFA check, your auth layer isn't finished. fusionauth.link/4rIMFfa

The "readiness paradox" in cybersecurity is widening. 79% of IT leaders now cite AI-powered attacks as a significant threat. These aren't just faster scripts—they are autonomous agents that reason about your environment, chain exploits on the fly, and compress the timeline from initial access to full compromise from hours to minutes. Our CEO, Brian Bell, noted in TechNewsWorld today that many organizations are confusing compliance with resilience: "Passing an audit is not the same as stopping an autonomous agent from accessing data it shouldn't. Until organizations close the gap between how they feel about their security posture and how it actually performs under pressure, the readiness paradox will keep widening." Resilience in the AI age starts with identity. If your system can’t distinguish between a service account and a malicious autonomous agent in real-time, you aren’t defending the perimeter—you’re just watching it disappear.

Need some context before the webinar? Download our technical paper on Agentic AI and auth at fusionauth.io/tech-papers/se…

Shared service accounts are a security nightmare for agentic AI. AI agents need real identities, not hardcoded API keys. Next week, we’re diving into OAuth 2.0 flows for agents and why #NHI is the next major identity hurdle. Technical deep dive on tap. Join us: fusionauth.link/4bnxP7W

That’s a wrap on #GDC2026! 🎬🕹️ We’re officially packing up "Mom’s Basement" and heading home, but our hearts (and our lead queues) are full. This week was a massive reminder of why we do what we do: helping game developers spend less time on "auth plumbing" and more time on actual gameplay. A huge shout-out to the "Basement Crew" who made it happen: • Dayna: Our new CMO and the creative mastermind behind the "Mom's Basement" theme. Thank you for pushing us to be bold, nostalgic, and the most unique booth on the floor! • Sean: The design wizard who took Dayna’s vision and built it into reality. That wood paneling and vintage vibe were 10/10. • Shannon: The ultimate mastermind behind the scenes. None of this—from the wood paneling to the Sunny D—happens without her organization. • Brad: For his power talk on authenticating across generations. Apparently, it was so good that while 25+ people were in the seats, the GDC app is showing 100+ session scans. We’re still trying to figure out if Brad has a cloaking device or if the word just spread that fast through the halls! 🕵️‍♂️📈 • Nico: Our "Ironman" SDR. He didn't just work the floor; he lived it. If you got a demo this week, chances are Nico was the one making sure you saw the magic. • Brian Bell: Our CEO, for dropping in, rolling up his sleeves, and engaging with the community to show that FusionAuth is led by people who actually care about the dev experience. Whether you stopped by to talk about the PSN loophole, cross-platform account linking, or just to sit on the vintage couch and reminisce about the 90s, thank you for dropping by and being a part of the FusionAuth community. If we missed you in the basement, the door is always open online, get the full details at fusionauth.link/47zjHr1 #GDC2026 #FusionAuth #GameDev #MomsBasement #IdentityWithoutConstraints

Sorry, infinite loop 😛

Login can be tough, even for AI companies. Secure your app reliably AND lock down AI with FusionAuth fusionauth.link/3NsGCgV

Login can be tough, even for AI companies. Secure your app reliably AND lock down AI with FusionAuth fusionauth.link/3NsGCgV

For organizations with cloud infrastructure in the Middle East, the NCSC's latest advisory makes one thing clear: now is the time to review your resilience posture. Your identity layer touches every login, every API call, every session. If it goes down with the region, so does everything else. We built FusionAuth Cloud HA for this exact scenario — multi-AZ resilience with zero-downtime failover, and optional cross-region DR that recovers from a full region outage in roughly 15–30 minutes. For teams in impacted areas, deploying in a nearby stable region keeps your identity infrastructure solid while the situation evolves. 🔗 NCSC advisory: fusionauth.link/4sedCZe

Forget the high-tech neon and chrome—we’ve gone back to where every legendary game started: Mom’s Basement (okay, maybe not, but you get it). 🎮🏚️ The FusionAuth team is officially on-site at GDC Booth #534, and we’ve traded the corporate boardroom for wood paneling, family photos, and a couch so comfortable you’ll forget your launch-day auth stress. While you're hanging out in the basement, make sure to catch our resident expert, Brad McCarty, for his 20-minute power talk this Thursday, 3/12 @ 11:10 AM at the Festival Hall Theater. He’s going deep on how to manage player identity across every era of gaming without losing your mind (or your players). We’ve got expert auth advice, live demos, and definitely better swag than whatever is in your actual basement. See you at Booth 534! 🕹️🔥 #GDC2026 #FusionAuth #GameDev #IndieDev #MomsBasement

How to use OAuth to Add Authentication to Your React App ✍ @FusionAuth bit.ly/3Td8Gp3

Save your seat here: fusionauth.io/webinar/who-le…

Your IAM was designed for one assumption: that every identity is a person. That assumption is breaking. AI agents are now requesting access tokens, calling APIs, and making decisions inside your infrastructure... often using service accounts that were never built for autonomous software. The result is audit trails that can't explain who did what. Privilege escalations no one approved. And a growing gap between your security posture and your actual attack surface. On March 4, our Sr. Director of CIAM Strategy Dan Moore and Sr. Product Marketer Brad McCarty are unpacking what happens when identity models meet autonomous AI, and what the path forward looks like. You'll walk away with: → Why service accounts and human-centric IAM fail for agents → What happens when agents escalate their own privileges (real examples) → A practical starting point for governing autonomous software Plus, registrants get early access to our companion white paper: Securing Autonomous AI Agents. (link in thread)

Your AI agents are using credentials right now. Do you know which ones? Traditional IAM assumes a human approves access, reads logs, and catches escalations. Agents don't do any of that. On March 4th we'll have a live session with Dan Moore and Brad McCarty talking about: – Where identity models actually break with autonomous agents – Real failure patterns (not theory) – A governance starting point that works And as an added bonus, registrants get early access to our new whitepaper, Securing Autonomous AI Agents. Register here: fusionauth.link/46vHdol

API security in the early 2010s: discovery was messy, gateways were immature, policy was scattered everywhere. MCP security in 2026 looks exactly the same. Listen as @mooreds joins the Application Security Weekly podcast to break down why the problems agents face aren't new — but the speed and non-determinism of the actors are. When software can exhaust every possibility at machine speed, "just use OAuth" isn't an answer. The episode covers the real authorization gap in MCP, why consent fatigue is an anti-pattern, and what centralizing policy actually looks like for agent architectures. 🔗 fusionauth.link/4aDKLpN

The CIAM market is shifting. Buyers are prioritizing flexibility, deployment control, and cost transparency. Legacy platforms built for a different era are slowing down. G2's Winter 2026 Momentum Grid reflects where teams are actually moving, and FusionAuth is positioned as a Leader. This placement combines: • Strong customer satisfaction (4.5 across 100+ reviews) • Accelerating adoption (top 25% for momentum) • Growth signals based on verified users, not marketing claims We're proud to be positioned ahead of the competition, and grateful to the teams who chose FusionAuth and took the time to share their experience! 📊 fusionauth.link/4aBl9tL

New in the FusionAuth CLI: generate thousands of realistic test users in seconds, manage localized email templates from your repo, and run a pre-flight config check before you go live. All from the terminal. All open source. Thanks to Drilon Ibrahimi from the community for contributing message template management. 'npx fusionauth --help' to get started → fusionauth.link/409S5EE

Some things should never be SaaS. Specifically, your identity core. When you share architecture with 10,000 other companies, you inherit 10,000 other companies' risks. We call this the Blast Radius Problem. If you’re in Fintech, Healthcare, or any high-stakes industry, you can't afford to be "collateral damage" in a vendor's regional outage. Join us Feb 24th for a deep dive into isolated deployment models and why isolation should be the default, not a premium add-on. Register here: fusionauth.link/4ryq0mt

Built In named us a 2026 Best Place to Work in Seattle and Denver 🎉 We hire smart people and trust them. Our product runs anywhere, cloud, on-prem, hybrid. Our team works the same way. Engineers who build it talk to customers who use it. Real flexibility. Comprehensive benefits. No escalation mazes. Technical depth over titles. We're hiring too! Read more: fusionauth.link/466jT0c