SiliconANGLE

Microsoft details three OAuth-focused hacking campaigns

Microsoft Corp. on Tuesday detailed three hacking campaigns that made use of OAuth, a technology commonly used to let workers log into business applications with their Microsoft and Google accounts.
Wired

Twitter Moves to OAuth: The OAuthcalypse Is Nigh

Twitter is killing support for basic user authentication in third-party apps on Tuesday morning, the company says. Instead, Twitter will now require all third-party app developers to use OAuth for ...
Bleeping Computer

Google to Force OAuth in G Suite to Increase Security

Google announced that it will block less secure apps (LSAs) from accessing G Suite account data starting February 2021, following an initial stage of limiting their access during June 2020. This ...
Bleeping Computer

Phishing Attack Hijacks Office 365 Accounts Using OAuth Apps

A phishing campaign has been discovered that doesn't target a recipient's username and password, but rather uses the novel approach of gaining access to a recipient's Office 365 account and its data ...
VentureBeat

Hackers use stolen OAuth access tokens to breach dozens of organization’s internal systems

Join the event trusted by enterprise leaders for nearly two decades. VB Transform brings together the people building real enterprise AI strategy. Learn more Last week, GitHub Security researchers ...