Millions of airline customers possibly affected by OAuth security flaw
By abusing the flaw, they would be able to book hotel rooms, rent cars, and modify any booking information, easily. To make ...
Cyber Defense Magazine10 小时
20% of Organizations Have Experienced a Non-Human Identity Security Incident
Today’s business environment requires teams to do more — better than before, and at a faster rate. Thanks to third-party apps ...
SD Times7 年
The importance of OAuth 2.0
OAuth is an open, secure data sharing standard designed to protect user data by providing access to that data, but keeping a user’s identity private. The standard was created in 2006 ...
The Hacker News11 天
OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking
API vulnerability in airline-linked travel service exposed millions to account takeovers, booking fraud, and data theft ...
This Free Browser Extension Lets You Bookmark Bluesky Posts
Bluesky doesn't yet have bookmarks or the ability to save posts to read later. Kyst is a browser extension that adds this ...
Android23 天
Google’s OAuth flaw is potentially exposing millions of accounts
Researchers have discovered a flaw in Google’s OAuth system that could allow attackers to access potentially sensitive data from former employee accounts at defunct startups. Google’s OAuth is ...
Supply chain attack hits Chrome extensions, could expose millions
Cybersecurity outfit Sekoia is warning Chrome users of a supply chain attack targeting browser extension developers that has ...
Security Boulevard3 天
Cyberhaven: A Wake-Up Call for Consent Phishing Risks | Grip
Explore how the Cyberhaven attack exposes the dangers of 'consent phishing', a tactic that bypasses even robust security ...
Bleeping Computer25 天
Google OAuth flaw lets attackers gain access to abandoned accounts
A weakness in Google’s OAuth “Sign in with Google” feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to ...