News

Some Microsoft applications are vulnerable to an OAuth authentication flaw that could enable Azure account takeover.
ShinyHunters compromised Google, Qantas & dozens more using OAuth device flow attacks—bypassing MFA without exploiting a single software bug. My deep-dive analysis reveals how they did it and what ...
The Salesloft Drift breach is expanding fast. Learn what’s at risk and the 7 critical steps security teams should take to ...
Salesloft on Tuesday announced that it's taking Drift temporarily offline "in the very near future," as multiple companies ...
Before OAuth, the default authentication model for native applications was the so-called ‘password anti-pattern’ in which the native application would ask the user to provide their password for the ...
Designing custom Generative Pre-trained Transformers (GPTs) and adding OAuth Authentication is a big step for anyone who wants to improve their custom GPTs. This integration makes it possible to ...
Twitter officially disabled Basic authentication this week, the final step in the company's transition to mandatory OAuth authentication. Sadly, Twitter's extremely poor implementation of the ...
Google has simplified the OAuth authorization process for users who give a third-party app access to Google apps such as Docs and Drive. The update, though minor, makes it possible for users to ...
In addition to OAuth 2 authentication, Nginx's update also adds fully supported implementation of HTTP/2, with Nginx previously assisting open-source developers to work on their implementation.
This is it in a nutshell and OAuth is far from impenetrable. Here is a How To guide for exploiting the vulnerabilities in OAuth authentication.