#oauth

Information security
from TechRepublic
1 week ago

Microsoft 365 Under Siege: Phishing Campaign Bypasses MFA Across 5 Countries

A sophisticated phishing campaign exploiting Microsoft 365 accounts has affected over 340 organizations across five countries using a legitimate OAuth feature.
#cybersecurity
Information security
from The Hacker News
1 week ago

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

An active device code phishing campaign targets Microsoft 365 identities across over 340 organizations in multiple countries, utilizing various deceptive techniques.
from The Hacker News
10 months ago
Privacy professionals

Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access - Even When Uploading Just One File

A security flaw in OneDrive File Picker could allow extensive unauthorized access to a user's cloud storage.
Information security
from Techzine Global
1 month ago

Okta tackles shadow AI with new agent discovery tools

Agent Discovery provides visibility into unauthorized AI agents by detecting OAuth connections and mapping unsanctioned AI tool access and permissions to corporate apps.
#ai-agents
from ZDNET
3 months ago
Privacy professionals

The coming AI agent crisis: Why Okta's new security standard is a must-have for your business

Information security
from The Hacker News
5 months ago

SaaS Breaches Start with Tokens - What Security Teams Must Watch

Stolen OAuth and API tokens enable attackers to bypass MFA and access SaaS systems, making token hygiene and rotation critical to prevent breaches.
from Raymondcamden
6 months ago

ColdFusion (2025)'s CFOAUTH Tag

The tag did a good job of handling creating the right oauth link for you. So you could (after setting stuff up with your provider of course) drop the tag on a page, and when the user hit it, they would be prompted to login with the third party provider. When returned, the tag would handle getting the access token and such and giving you a nice little structure of data for you to use.
Software development
Privacy professionals
from IT Pro
10 months ago

A flaw in OneDrive's File Picker feature could give access to hundreds of apps

A security flaw in OneDrive's File Picker exposes user content to third-party apps, risking data leakage.
Ruby on Rails
from Rubyflow
10 months ago

Sign in with Apple for Rails apps

OAuth reduces account creation friction; implementing Sign in with Apple is crucial for app compliance and user experience.
DevOps
from Azure DevOps Blog
11 months ago

Spring Cleaning: A CTA for Azure DevOps OAuth Apps with expired or long-living secrets - Azure DevOps Blog

Azure DevOps OAuth apps will be phased out by 2026, urging migration to Microsoft Identity platform.
App owners are encouraged to implement secret rotation for improved security.