ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...
SD Times

The importance of OAuth 2.0

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
Security Boulevard

OAuth Scopes & Consent: Complete Guide to Secure API Authorization

Learn how to design secure OAuth scopes and consent flows for enterprise applications. A complete guide for CTOs on API ...
The Silicon Review

n8n Supply Chain Attack Steals OAuth Tokens Via Nodes

A supply chain attack on n8n injected malicious community nodes to steal user OAuth tokens, highlighting critical risks in ...

Obsidian Security targets rising tide of SaaS integration threats

Obsidian pointed to last summer’s breach of Salesloft Inc.’s cloud sales platform as one of the largest and most recent ...
CNET

OAuth 2.0 leader resigns, says standard is 'bad'

The standard grew too far away from its roots as a simple Web authentication technology, author Eran Hammer-Lahav says, and now is insecure and overly broad. Stephen Shankland worked at CNET from 1998 ...
Cybernews

Grubhub confirms data breach: hackers demand ransom tied to Salesforce attacks

Grubhub confirms a breach linked to last year's Salesforce attacks, while sources say the ShinyHunters group is threatening ...
Security Boulevard

OAuth Authorization Server Setup: Implementation Guide & Configuration

Learn how to build and configure an enterprise-grade OAuth authorization server. Covering PKCE, grant types, and CIAM best ...
CSOonline

What is OAuth? How the open authorization framework works

Since the beginning of distributed personal computer networks, one of the toughest computer security nuts to crack has been to provide a seamless, single sign-on (SSO) access experience among multiple ...