Launching a Linear OAuth app revealed a trust gap—here's what the data shows, and how Linear can solve it with a safer, more extensible app ecosystem.

Attackers are increasingly using malicious OAuth 2.0 applications to siphon data and access sensitive information from a wide variety of cloud platforms, and mitigating the risks is proving ...

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...

Google today unveiled a new G Suite security feature to improve data access controls and enhance phishing prevention: OAuth apps whitelisting. The feature is designed to help companies control how ...

OAuth is a great way to sidestep the dilemma of having to hand over passwords to third party sites and apps to access user data. This is the primary reason the authentication method is fast becoming a ...

Threat actors are increasingly including malicious OAuth apps in their campaigns to break into cloud-based systems and applications. To address this growing problem, Microsoft is adding automated ...

Google announced Monday that it has embraced OAuth for Google Apps, replacing a less secure system for developers. "Until today, Google Apps administrators had to sign requests for calls to Google ...

Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code ...

The Russian hacking group blamed for targeting U.S. and European elections has been breaking into email accounts, not only by tricking victims into giving up passwords, but by stealing access tokens ...