Security Boulevard

OAuth Scopes & Consent: Complete Guide to Secure API Authorization

Learn how to design secure OAuth scopes and consent flows for enterprise applications. A complete guide for CTOs on API ...
HHS

Mitigating the Risks of Malicious OAuth Apps

Attackers are increasingly using malicious OAuth 2.0 applications to siphon data and access sensitive information from a wide variety of cloud platforms, and mitigating the risks is proving ...
Dark Reading

OAuth Attacks Target Microsoft 365, GitHub

A trio of ongoing campaigns have highlighted once again the continued popularity among cybercriminals of malicious OAuth apps as a go-to attack method. In one wave of recent attacks, threat actors ...
Bleeping Computer

OAuth risks: How to identify, investigate, and mitigate them

We’re now all too familiar with the ubiquitous “Sign in with Google” button we encounter all over the internet. For most of us, it has become the go-to “easy button” for managing the sprawling set of ...