Security News

Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts
2025-04-24 20:24

Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees of organizations related to Ukraine and human rights. [...]

Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp
2025-04-23 10:49

Multiple suspected Russia-linked threat actors are "aggressively" targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft...

Attackers phish OAuth codes, take over Microsoft 365 accounts
2025-04-23 10:23

Suspected Russian threat actors are using OAuth-based phishing attacks to get targets to grant them access to their Microsoft 365 (M365) accounts. “The primary tactics observed involve the...

Phishers abuse Google OAuth to spoof Google in DKIM replay attack
2025-04-20 17:31

In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from Google's systems, passing all verifications but pointing to a fraudulent...

Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts
2025-03-16 18:36

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers...

Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts
2025-03-16 14:19

Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials. [...]

OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking
2025-01-28 14:02

Cybersecurity researchers have disclosed details of a now-patched account takeover vulnerability affecting a popular online travel service for hotel and car rentals. "By exploiting this flaw,...

Google OAuth flaw lets attackers gain access to abandoned accounts
2025-01-14 17:28

A weakness in Google's OAuth "Sign in with Google" feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various...

Google OAuth Vulnerability Exposes Millions via Failed Startup Domains
2025-01-14 16:38

New research has pulled back the curtain on a "deficiency" in Google's "Sign in with Google" authentication flow that exploits a quirk in domain ownership to gain access to sensitive data....

Gitloker attacks abuse GitHub notifications to push malicious oAuth apps
2024-06-10 22:24

Threat actors impersonate GitHub's security and recruitment teams in phishing attacks to hijack repositories using malicious OAuth apps in an ongoing extortion campaign wiping compromised repos. Many GitHub users who have fallen victim to these attacks also report having their accounts disabled and losing access to all repos-likely after other victims reported them for being abused to push comment spam.