A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat ...
A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...
PayPal fixed an issue that could have allowed an attacker to hijack OAuth tokens associated with any PayPal OAuth application. PayPal fixed an issue that could have allowed an attacker to hijack OAuth ...
Some Microsoft applications are vulnerable to an authentication issue that could enable Azure account takeover. A vulnerability in the way Microsoft applications use OAuth for third-party ...
Salesforce subsidiary Heroku on Thursday said that the threat actor that stole Heroku GitHub integration OAuth tokens in April also accessed an internal database containing hashed and salted passwords ...
Join the event trusted by enterprise leaders for nearly two decades. VB Transform brings together the people building real enterprise AI strategy. Learn more Last week, GitHub Security researchers ...
Report shows the importance of ensuring OAuth implementation is secure to protect against identity theft, financial fraud, and access to personal information ...
Salesforce-owned PaaS vendor Heroku and GitHub have both warned that compromised OAuth user tokens were likely used to download private data from organizations using Heroku and continuous integration ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback