Threat Post

Twitter OAuth API Keys Leaked

The OAuth keys and secrets that official Twitter applications use to access users’ Twitter accounts have been leaked in a post to Github this morning. The OAuth keys and secrets that official Twitter ...
Bleeping Computer

GitHub: How stolen OAuth tokens helped breach dozens of orgs

GitHub has shared a timeline of this month's security breach when a threat actor gained access to and stole private repositories belonging to dozens of organizations. The attacker used stolen OAuth ...
Bleeping Computer

Phishing Attack Hijacks Office 365 Accounts Using OAuth Apps

A phishing campaign has been discovered that doesn't target a recipient's username and password, but rather uses the novel approach of gaining access to a recipient's Office 365 account and its data ...
TechRepublic

How to manage third-party app API access in Google Workspace

To improve security, an administrator can block all third-party API app access to Workspace data, but more targeted methods may be better overall. Recently, Google added a Workspace security setting ...