OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

Learn the security risks in SaaS supply chains and about ShinyHunters’ evolving extortion tactics behind the alleged Woflow breach. The post ShinyHunters Claims Woflow Breach: What It Means for SaaS ...

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take ...

Heads turned Wednesday when Twitter turned off its popular new authentication service, which uses the emerging OAuth web standard. The real story soon broke that someone exposed an OAuth security ...

The threat landscape continues to evolve, and cybersecurity professionals must keep pace with threat actors’ changing tactics and objectives. A recent supply attack that reportedly affected hundreds ...

Join the event trusted by enterprise leaders for nearly two decades. VB Transform brings together the people building real enterprise AI strategy. Learn more Last week, GitHub Security researchers ...

Researchers have found that attackers are abusing OAuth to send users from legitimate Microsoft or Google login pages to phishing sites or malware downloads.

The emerging OAuth 2.0 Web API authorization protocol, already deployed by Facebook, Salesforce.com and others, is coming under increased criticism for being too easy to use, and therefore to spoof by ...