Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...
WinBuzzer

Anthropic Bans Claude Subscription OAuth in Third-Party Apps

Anthropic has officially banned using Claude subscription OAuth in third-party tools, forcing developers to switch to API ...

What’s behind the OpenClaw ban wave

Using OAuth credentials to connect the viral AI tool OpenClaw to your flat-rate Claude or Gemini account could get you banned ...
Security Boulevard

OpenClaw Security Risk: OAuth and SaaS Identity

OpenClaw runs locally, but the risk lives in SaaS. Learn how OAuth tokens, API access, and AI agents create identity-based exposure across platforms.
CSOonline

Failure to verify OAuth tokens enables account takeover on websites

Report shows the importance of ensuring OAuth implementation is secure to protect against identity theft, financial fraud, and access to personal information ...
Bleeping Computer

OAuth risks: How to identify, investigate, and mitigate them

We’re now all too familiar with the ubiquitous “Sign in with Google” button we encounter all over the internet. For most of us, it has become the go-to “easy button” for managing the sprawling set of ...
Bleeping Computer

Microsoft warns of increasing OAuth Office 365 phishing attacks

Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, BleepingComputer has learned. These attacks were part of ...