Security Boulevard

SAML Security: Complete Guide to SAML Request Signing & Response Encryption

Learn how SAML request signing and response encryption protect your SSO implementation. A comprehensive guide covering integrity, confidentiality, and best practices.
Bleeping Computer

GitHub warns of SAML auth bypass flaw in Enterprise Server

GitHub has fixed a maximum severity (CVSS v4 score: 10.0) authentication bypass vulnerability tracked as CVE-2024-4985, which impacts GitHub Enterprise Server (GHES) instances using SAML single ...
CSOonline

SAML authentication broken almost beyond repair

Black Hat Europe 2025: Multiple hacking techniques allow researchers to bypass XML signature validation while still presenting valid SAML documentation to an application. Researchers have uncovered ...
Dark Reading

Echoes of SolarWinds in New 'Silver SAML' Attack Technique

After the threat actor behind the SolarWinds attack compromised the company's Orion network management product and leveraged it to break into target enterprise networks, the group often used a ...
CSOonline

If you are generating SAML signing certificates externally, STOP!

SAML authentication certificates, generated with tools other than dedicated cloud identity solutions, can be forged by hackers, according to a new proof of concept. There is now a way to forge ...