The threat landscape continues to evolve, and cybersecurity professionals must keep pace with threat actors’ changing tactics and objectives. A recent supply attack that reportedly affected hundreds ...

Learn the security risks in SaaS supply chains and about ShinyHunters’ evolving extortion tactics behind the alleged Woflow breach. The post ShinyHunters Claims Woflow Breach: What It Means for SaaS ...

PayPal fixed an issue that could have allowed an attacker to hijack OAuth tokens associated with any PayPal OAuth application. PayPal fixed an issue that could have allowed an attacker to hijack OAuth ...

GitHub has revealed that dozens of organizations were compromised by a data thief that used stolen OAuth tokens to access their private repositories. The developer platform’s security team opened an ...

Researchers have found that attackers are abusing OAuth to send users from legitimate Microsoft or Google login pages to phishing sites or malware downloads.

Using OAuth credentials to connect the viral AI tool OpenClaw to your flat-rate Claude or Gemini account could get you banned. Here’s why.

Heroku has explained why it emailed users with a sudden password reset warning earlier this week, and how it was due to the theft of OAuth tokens from GitHub. "[Our investigation] revealed that the ...

Anthropic updates terms to restrict OpenClaw access with OAuth tokens, with backlash over costs; local models become a common fallback.

Salesforce-owned PaaS vendor Heroku and GitHub have both warned that compromised OAuth user tokens were likely used to download private data from organizations using Heroku and continuous integration ...