6 articles tagged with "Oauth"
New ConsentFix v3 attack automates Microsoft Azure OAuth credential theft using Pipedream webhooks and Cloudflare phishing pages. Pre-trusted apps bypass MFA entirely.
AiTM and token theft attacks hit 40,000 daily incidents in 2026. CISA warns OAuth tokens bypass MFA, enabling invisible lateral movement across SaaS apps.
Compromised Google Workspace OAuth app 110671459871-30f1spbu0hptbs60cb4vsmv79i7bbvqj breached Vercel, exposing API keys and source code. Hackers demand $2M; audit Workspace apps and rotate credentials.
Security researchers expose 108 malicious Chrome extensions operating under five fake publishers, stealing Google OAuth tokens, Telegram sessions, and injecting ads. Over 20,000 users affected.
EvilTokens phishing platform targets Microsoft 365 identities across US, Canada, Australia, New Zealand, and Germany. OAuth abuse bypasses MFA to steal access tokens.
Classic Outlook users can finally sync Gmail again after Microsoft resolves OAuth token issue that blocked email synchronization since February 26. Here's what happened and how to restore access.