The threat landscape continues to evolve, and cybersecurity professionals must keep pace with threat actors’ changing tactics and objectives. A recent supply attack that reportedly affected hundreds ...

Google’s new MFA requirement for the Ads API strengthens security but may require advertisers to adjust authentication ...

Omer Tsarfati and his team at security firm CyberArk are now finally able to discuss a major OAuth 2.0 vulnerability that affects Microsoft Azure web services which they have been sitting on since ...

PayPal fixed an issue that could have allowed an attacker to hijack OAuth tokens associated with any PayPal OAuth application. PayPal fixed an issue that could have allowed an attacker to hijack OAuth ...

Choosing between SAML, OIDC, and OAuth 2.0? Explore 12 critical differences to help your B2B engineering team select the right authentication protocol today.

Salesforce subsidiary Heroku on Thursday said that the threat actor that stole Heroku GitHub integration OAuth tokens in April also accessed an internal database containing hashed and salted passwords ...

Heroku has explained why it emailed users with a sudden password reset warning earlier this week, and how it was due to the theft of OAuth tokens from GitHub. "[Our investigation] revealed that the ...

Report shows the importance of ensuring OAuth implementation is secure to protect against identity theft, financial fraud, and access to personal information ...