Learning from the Vercel breach: Shadow AI & OAuth sprawl

A single third-party OAuth integration can become a direct path into your environment. Push explains how the Vercel breach ...
ZDNet

Gmail fake Docs attack: Now Google tightens OAuth rules to block phishing

To prevent further fake Docs phishing attacks on Gmail users, Google says it will tighten enforcement of the OAuth system it uses for linking third-party apps to Google accounts. Google has offered a ...
Phys.org

Vulnerability in Facebook's OAuth allowed hacker full profile access

(Phys.org)—Nir Goldshlager writer of a security blog, is reporting that he found a vulnerability in Facebook's OAuth that allowed him full access to an individual's profile information. Facebook ...