Hosted on MSN23d
Google’s OAuth flaw is potentially exposing millions of accounts
Researchers have discovered a flaw in Google’s OAuth system that could allow attackers to access potentially sensitive data from former employee accounts at defunct startups. Google’s OAuth is ...
Millions Of Sign-In-With-Google Users Warned Of Data-Theft Vulnerability
A security vulnerability in the “Sign In With Google” OAuth authentication process could allow attackers to access sensitive data from millions of accounts.
Bleeping Computer25d
Google OAuth flaw lets attackers gain access to abandoned accounts
A weakness in Google’s OAuth “Sign in with Google” feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to ...
Ars Technica24d
Startup necromancy: Dead Google Apps domains can be compromised by new owners
With admin access to those accounts, you can get into many of the services they used Google's OAuth to log into, like Slack, ChatGPT, Zoom, and HR systems. Ayrey writes that he bought a defunct ...
TechCrunch20d
Employees of failed startups are at special risk of stolen personal data through old Google logins
As if losing your job when the startup you work for collapses isn’t bad enough, now a security researcher has found that employees at failed startups are at particular risk of having their data ...
TechRadar23d
A flaw in Google OAuth system is exposing millions of users via abandoned accounts
Buying domains from businesses that shut down could grant access to their SaaS accounts ... Experts have found a vulnerability in Google’s OAuth “Sign in with Google” feature which could ...
Security Boulevard4d
Cyberhaven: A Wake-Up Call for Consent Phishing Risks | Grip
Explore how the Cyberhaven attack exposes the dangers of 'consent phishing', a tactic that bypasses even robust security ...