Report shows the importance of ensuring OAuth implementation is secure to protect against identity theft, financial fraud, and access to personal information.

“We hope this series has helped educate the broader industry on the nature of potential OAuth implementation errors and how to close these API-based security gaps to better protect data and use ...

This appears to be the first public implementation of Gmail IMAP oAuth support. For email services, this is a big deal. We expect Google to announce support for the new feature more broadly this week.

Update: This article originally stated that Threadsy was the first web app to implement Gmail OAuth which was incorrect. That title goes to Etacts. Thready was the first web based email client to ...

Critical security flaws in Booking.com’s implementation of Open Authorization (OAuth) could have enabled attackers to launch large-scale account takeovers, putting millions of people’s ...

The callback feature in Twitter's OAuth implementation can be abused, a researcher said at Hack in the Box By Lucian Constantin CSO Senior Writer, IDG News Service| ...

OAuth has rightly gained lots of popularity these days and even given the current session fixation issues, I’m a strong fan of the delegated access control it promotes and helps implementing ...

Jing, who released videos that walk through the exploit, shows how Facebook’s OAuth implementation is hacked using an open redirect parameter that sends a user's access token to a malicious site ...

Booking.com, one of the world’s largest online travel agencies, recently patched a vulnerability in its implementation of the OAuth protocol that could have allowed attackers to gain access to ...

Twitter recently transitioned to OAuth, but the social network's implementation of the new authentication system has some serious flaws. Ars shows how easy it was to compromise the secret key of ...