Security News


FireEye on Monday announced the availability of a platform to allow organizations and pentesters check their ability to detect and respond to OAuth abuse attacks. read more

Mitigations put in place by Google in May 2017 to help block phishing attacks such as the recent OAuth worm weren’t enough to completely mitigate the issue, as Google's platform still allowed...





PayPal fixed an issue that could have allowed an attacker to hijack OAuth tokens associated with any PayPal OAuth application. The vulnerability was publicly disclosed on Monday by Antonio Sanso,...

Mobile app developers need to be aware of improper OAuth 2.0 implementations that have put one billion mobile apps at risk to takeover.
