News

Hackers steal data from Salesforce instances in widespread campaign

Google researchers say the hackers abused a third-party tool in an attack spree designed to harvest credentials.
Threat Post11y

Google Recommends Developers Support OAuth 2.0 | Threatpost

Google announced it will add additional security checks to log-in attempts from applications or devices that do not support OAuth 2.0.
Bleeping Computer5y

Google to Force OAuth in G Suite to Increase Security

Google advises developers to update their apps to use OAuth 2.0 as a connection method to maintain G Suite account compatibility and provides help on how to use OAuth 2.0 to access Google APIs.
Bleeping Computer7mon

Google OAuth flaw lets attackers gain access to abandoned accounts

A weakness in Google's OAuth "Sign in with Google" feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various ...
Android7mon

Google’s OAuth flaw is potentially exposing millions of accounts

This Google’s OAuth flaw that could allow attackers to inherit credentials from old accounts of former failed startups employees.
PC World8y

Google Docs phishing attack underscores OAuth security risks

Google has stopped Wednesday’s clever email phishing scheme, but the attack may very well make a comeback.