Bleeping Computer

Microsoft: OAuth apps used to automate BEC and cryptomining attacks

Microsoft warns that financially-motivated threat actors are using OAuth applications to automate BEC and phishing attacks, push spam, and deploy VMs for cryptomining. OAuth (short for Open ...
Infosecurity-magazine.com

Five Single Sign-On Best Practices to Reduce Access Risk in 2026

Single sign-on (SSO) is a foundational component of modern identity architecture, simplifying access for users while allowing security teams to apply consistent controls across applications. When ...
Dark Reading

OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover

Critical API security flaws have put millions of users at risk for account takeover, by using a modern authentication standard to resurrect a longtime vulnerability. The bugs were found in the Hotjar ...