Security News

Cybersecurity news aggregator

← Back to News Browse all tags

oauth

31 articles with this tag

HIGH
FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens
Infosecurity Magazine • May 25, 2026
 HIGH
FBI warns about fast-growing phishing kit targeting Microsoft 365 users
CyberScoop • May 22, 2026
 HIGH
FBI warns of Kali Oauth stealers
CSO Online • May 22, 2026
 HIGH
Tycoon2FA phishing kit evolves with device-code attacks on Microsoft 365
SC Media • May 18, 2026
 INFO
Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking
SecurityWeek • May 07, 2026
 HIGH
The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed
The Hacker News • May 05, 2026
 HIGH
ConsentFix v3 attacks target Azure with automated OAuth abuse
BleepingComputer • May 02, 2026
 MEDIUM
Major AI Clients Shipping With Broken OAuth Implementations
Reddit r/netsec • May 01, 2026
 HIGH
The Vercel Breach: OAuth Supply Chain Attack Exposes the Hidden Risk in Platform Environment Variables
Trend Micro Research • Apr 20, 2026
 INFO
Learning from the Vercel breach: Shadow AI & OAuth sprawl
BleepingComputer • Apr 29, 2026
 MEDIUM
Vercel Hacked: A Simple Failure of OAuth Hygiene | THREAT WIRE
Hak5 • Apr 24, 2026
 HIGH
Vercel Breach Explained: OAuth Risk in AI + SaaS Environment
Reddit r/netsec • Apr 20, 2026
 HIGH
Hackers exploit Vercel’s trust in AI integration
CSO Online • Apr 20, 2026
 HIGH
Next.js developer Vercel warns of customer credential compromise
The Register Security • Apr 20, 2026
 HIGH
AI-enabled device code phishing campaign exploits OAuth flow for account takeover
Help Net Security • Apr 07, 2026
 HIGH
Device code phishing attacks surge 37x as new kits spread online
BleepingComputer • Apr 04, 2026
 HIGH
New EvilTokens service fuels Microsoft device code phishing attacks
BleepingComputer • Apr 01, 2026
 HIGH
Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise
SecurityWeek • Mar 31, 2026
 MEDIUM
OAuth Consent and Device Code Phishing for Red Teams
Reddit r/netsec • Mar 29, 2026
 HIGH
Microsoft Entra OAuth Consent Grant Attack Simulation in the PhishU Framework
Reddit r/netsec • Mar 28, 2026
 INFO
ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More
The Hacker News • Mar 12, 2026
 HIGH
OAuth vulnerability in n8n automation platform could lead to system compromise
CSO Online • Mar 06, 2026
 MEDIUM
Attackers abuse OAuth’s built-in redirects to launch phishing and malware attacks
Malwarebytes Labs • Mar 04, 2026
 MEDIUM
OAuth redirection abuse enables phishing and malware delivery
Malpedia •
HIGH
Microsoft: Hackers abuse OAuth error flows to spread malware
BleepingComputer • Mar 03, 2026
 MEDIUM
Threat actors weaponize OAuth redirection logic to deliver malware
Help Net Security • Mar 03, 2026
 HIGH
OAuth phishers make ‘check where the link points’ advice ineffective
CSO Online • Mar 03, 2026
 HIGH
OAuth redirection abuse enables phishing and malware delivery
Microsoft Security Blog • Mar 02, 2026
 HIGH
New phishing campaign tricks employees into bypassing Microsoft 365 MFA
CSO Online • Feb 20, 2026
 HIGH
Hackers target Microsoft Entra accounts in device code vishing attacks
BleepingComputer • Feb 19, 2026
 INFO
Blue Team | Hunting Cloud Persistence Without Malware
SANS Institute • Feb 17, 2026