News

Threat Post8y

OAuth 2.0 Hack Exposes 1 Billion Mobile Apps to Account Hijacking

Mobile app developers need to be aware of improper OAuth 2.0 implementations that have put one billion mobile apps at risk to takeover.
Wired13y

Developer Quits OAuth 2.0 Spec, Calls It 'a Bad Protocol'

After three years as lead author and editor of the OAuth 2.0 specification, Eran Hammer has stepped down from his role, withdrawn his name from the spec and even quit the OAuth working group ...
CNET13y

OAuth 2.0 leader resigns, says standard is 'bad'

The standard grew too far away from its roots as a simple Web authentication technology, author Eran Hammer-Lahav says, and now is insecure and overly broad. Stephen Shankland worked at CNET from 1998 ...

Google Identifies ‘Widespread Data Theft’ Impacting Salesforce-Salesloft Drift Users

Google Threat Intelligence Group shared its findings about a threat actor responsible for stealing Salesforce customer data ...