CSO Online

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Proofpoint has warned about phishing campaigns abusing legitimate device authorization flow to bypass MFA and gain persistent ...
Infosecurity Magazine

OAuth Device Code Phishing Campaigns Surge Targets Microsoft 365

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat ...
CSOonline

Salt Security adds defense against OAuth attacks

Salt Security has added a new OAuth security offering to its API protection platform to help organizations detect attempts to exploit OAuth and fix vulnerabilities associated with the protocol. OAuth ...
Wired

Go Go Gadget OAuth Support

Passwords are a little bit more secure now that Google added OAuth support to its iGoogle Gadgets. Developers can now use their gadgets to easily grab data from OAuth-enabled APIs. Using OAuth, users ...
Business Wire

Nylas Announces First-Ever Program to Simplify the Google OAuth Verification Process and Security Assessment for Developers

SAN FRANCISCO--(BUSINESS WIRE)--Nylas, a leading provider of communications APIs for developers, today announced a strategic partnership with Leviathan Security Group, a leading Information Security ...
Macworld

Twitter announces permissions change, frustrates app developers

Twitter on Tuesday announced via its blog various changes aimed at allowing users finer-grained control over their accounts. To date, when another application (such as TweetBot, Twitterrific, or ...