News

Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts
Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of ...
Scammers are now abusing Google OAuth to send phishing emails
Summary: A new scam has come into light, where scammers are sending out phishing emails to targets by abusing the Google ...
Fake Google Security Alert Hides a Phishing Scam
A developer reported the scam after noticing a slight discrepancy in the email address. The scam passed Google’s own DKIM ...
Phishers abuse Google OAuth to spoof Google in DKIM replay attack
In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from ...
Windows Report6d
Russian hackers exploit OAuth 2.0 to hack Microsoft 365 Accounts
Two Russian hacker groups have exploited legitimate OAuth 2.0 authentication workflows to hack multiple Microsoft 365 ...
The Hacker News24y
Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp
Messaging apps such as Signal and WhatsApp are used to contact targets, inviting them to join a video call or register for ...
Clever New Scam Targets Gmail Users: How to Stay Safe
This sneaky scam actually uses Google's own security tools against it, making emails appear to be coming right from the ...
A flaw in Google OAuth system is exposing millions of users via abandoned accounts
and that businesses should make sure they're not leaving sensitive information behind Researchers propose additional ...
Russian Cyber Actors Exploit Microsoft Oauth To Breach Ukraine-Linked Organisations
Russian-linked cyber operatives have been leveraging legitimate Microsoft OAuth 2.0 authentication processes to compromise ...