The GitHub OAuth attack exposed a security blind spot in the ever-growing web of permissions spanning developers, service ...

UPDATE Google says a recent spate of Salesforce-related breaches was caused by attackers stealing OAuth tokens from the third ...

Hackers have stolen large volumes of data from numerous corporate Salesforce instances. They abused compromised access tokens ...

ShinyHunters compromised Google, Qantas & dozens more using OAuth device flow attacks—bypassing MFA without exploiting a single software bug. My deep-dive analysis reveals how they did it and what ...

SSOJet delivers far more than "just SSO": we give your team the visibility, control, and security intelligence needed to defeat device flow phishing and build a future-proof identity management ...

The vulnerability, which exploits Facebook’s OAuth authentication dialog, was detailed by security researcher Nir Goldshlager in a blog post last week.

A weakness in Google's OAuth "Sign in with Google" feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various ...

Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, BleepingComputer has learned.

Starting August 31st, all Twitter applications now require the use of the OAuth ID to be able to access your Twitter account. Advantages of this move are: Applications are no longer allowed to ...