OAuth

Entity category: technology

Artificial Intelligence

Shadow AI’s Hidden Risks to SaaS Security & Integrations

January 3, 2026

Shadow AI, the unofficial use of AI tools by employees, creates significant security vulnerabilities and data exposure risks within organizations.…

Read More »
Artificial Intelligence

MCP Security Blind Spots: The API Risk

December 2, 2025
Michael Yaroshefsky, MCP Manager, discusses security gaps.

The Model Context Protocol (MCP) introduces unique security risks because it injects executable text directly into AI models, unlike standard…

Read More »
BigTech Companies

Hijacked OAuth Apps: Your Cloud’s Secret Backdoor

October 26, 2025
A circular logo with 'OAUTH' and an 'A' inside, superimposed over a burning city skyline at night.

Cybercriminals exploit internal OAuth applications to create persistent backdoors in corporate cloud systems, bypassing security measures like password resets and…

Read More »
BigTech Companies

Uncover Malicious OAuth Apps in Microsoft 365 with Cazadora

October 22, 2025
Man's profile with digital overlay showing cybersecurity rules and code.

Auditing OAuth applications in Microsoft 365 is critical due to the high risk of malicious apps, which can severely compromise…

Read More »
BigTech Companies

Secure Your Google Workspace: Protect Data, Not Just Access

October 18, 2025
Digital key with fingerprint on a tablet, surrounded by locks and data streams.

Modern digital workplaces face security challenges from interconnected tools, where attackers exploit legitimate access tokens rather than breaching traditional perimeters.…

Read More »
AI & Tech

AI Browsers Expose Critical Security Gaps, Researchers Warn

October 13, 2025
Perplexity AI logo and name displayed on a white bar over a laptop keyboard.

AI-powered browsers introduce significant security vulnerabilities by embedding AI assistants that enable novel threats like malicious workflows and prompt injections,…

Read More »
Artificial Intelligence

Oktane 2025: Securing Every Identity, AI, and App

September 28, 2025
Todd McKinnon smiles broadly on stage with arms outstretched, with the Okta logo behind him.

The rise of autonomous AI agents in workflows creates unprecedented security challenges, demanding a unified identity security fabric for protection…

Read More »
BigTech Companies

Salesloft Links Drift Data Theft to March GitHub Hack

September 8, 2025
Close-up of a hand typing on a backlit laptop keyboard glowing red and blue. Cybersecurity or late-night work concept.

A data breach at Salesloft originated from a March intrusion into its GitHub account, allowing attackers to steal authentication tokens…

Read More »
Business

Salesforce Trust Exploited by Cyberattackers

September 5, 2025
Salesforce logo in a cloud shape, set against a dramatic backdrop of fiery sparks and smoke.

Salesforce environments saw a twenty-fold surge in malicious activity in Q1 2025, as cybercriminals increasingly exploit trusted business platforms for…

Read More »
Business

Major Cybersecurity Firms Impacted by Salesloft Data Breach

September 3, 2025
Laptop screen shattered like a wall, depicting a powerful data breach or cyberattack.

A data breach at Salesloft impacted over 700 organizations, including major cybersecurity firms, by compromising OAuth tokens to access Salesforce…

Read More »
Business

Allianz Life Data Breach: 1.1 Million Customers’ Data Exposed

August 20, 2025
Two Allianz flags waving against a bright blue sky and lush green trees.

Allianz Life suffered a cybersecurity breach affecting 1.1 million individuals, compromising sensitive personal data including names, addresses, and Social Security…

Read More »
BigTech Companies

Workday Hit by Data Breach Following Salesforce Attack

August 19, 2025
Workday logo displayed prominently on a light wood wall in a modern office reception area.

Workday experienced a security breach via a third-party CRM platform, exposing business contact information but not customer data, due to…

Read More »
BigTech Companies

Microsoft Exchange Vulnerability Threatens Hybrid Cloud Security

August 9, 2025
Close-up of a smartphone displaying the Microsoft Exchange email and calendaring service.

A critical Microsoft Exchange vulnerability (CVE-2025-53786, CVSS 8.0) threatens hybrid cloud environments, enabling privilege escalation across on-premises and cloud systems…

Read More »
AI & Tech

Phishing-Resistant Authentication: How Hackers Still Bypass It

July 31, 2025
A dark-themed webpage warns of phishing danger, showing a password being hooked like bait. IO Push Security logo is visible.

Phishing-resistant authentication methods like passkeys and FIDO2-based systems (e.g., YubiKeys) improve security, but attackers exploit weaknesses such as downgrade attacks…

Read More »
Artificial Intelligence

Strata Identity: AI Agent Security & Observability Solutions

July 19, 2025
Abstract artwork depicting a network of glowing orbs connected by lines against a dark blue space background.

Strata Identity launched Identity Orchestration for AI Agents, a solution using Maverics identity fabric to provide governance for AI agents…

Read More »
BigTech Companies

Microsoft SaaS Vulnerability Exposed Apps for 2 Years

June 26, 2025
Magnifying glass over binary code highlighting the term 'OpenID'.

A critical security flaw in Microsoft’s Entra ID, called nOAuth, has exposed thousands of enterprise applications for two years, allowing…

Read More »
Artificial Intelligence

Developer Shares Claude’s Code for Cloudflare & Key Prompts

June 13, 2025
Hands typing on a retro-style keyboard, with abstract blue lines and shapes above. A digital art piece.

It is no surprise that developers are using AI models to write their code. However, a developer from Cloudflare sparked…

Read More »