In a groundbreaking advancement in the field of cyber-naughtiness, Russian hackers have decided that, much like floppy disks and MySpace profiles, passwords are simply too passé. In a daring exploit of Microsoft OAuth, these digital swashbucklers are now tapping into the communications goldmine of Signal and WhatsApp. And let’s be honest, who needs a key when you can just kick the door down?

The companies are just thrilled, showing the same level of enthusiasm as a cat at bath time. Microsoft, in particular, might be considering changing its default login page to ‘Surprise!’. Apparently, the tech giant was so focused on turning Windows into a service, they forgot to implement a ‘keep out’ sign big enough to deter these unwanted visitors.

Meanwhile, Ukraine allies and human rights advocates, the primary targets of these cyber Robin Hoods, are left with the digital equivalent of a new year’s gym membership: unwanted, but now part of their lives. They find themselves stuck in a high-stakes game of cat-and-mouse, where the mouse has a headset and is playing an entirely different game on Twitch.

The real lesson here seems to be, if you want secure communications in 2025, maybe it’s time to dust off those pigeons and Morse code machines. Because in the world of cybersecurity, it appears the best defense is simply not to play.