A weakness in Google’s OAuth “Sign in with Google” feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various ...

An as-of-yet undiagnosed compromise of the Salesloft Drift AI-driven platform has led to a rash of stolen OAuth tokens, in turn creating downstream breaches at some of the biggest names in the ...

Threat researchers report that "a widespread data theft campaign" traces to attackers stealing OAuth access tokens for ...

Goldshlager modified the URL string Facebook’s OAuth service usually uses when users agree to install an application. In doing so, he could send users to his own site, trigger an access token he ...

Salesloft on Tuesday announced that it's taking Drift temporarily offline "in the very near future," as multiple companies have been ensnared in a far-reaching supply chain attack spree targeting the ...