A weakness in Google’s OAuth “Sign in with Google” feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to ...
A security vulnerability in the “Sign In With Google” OAuth authentication process could allow attackers to access sensitive data from millions of accounts.
Researchers have discovered a flaw in Google’s OAuth system that could allow attackers to access potentially sensitive data from former employee accounts at defunct startups. Google’s OAuth is ...
Explore how the Cyberhaven attack exposes the dangers of 'consent phishing', a tactic that bypasses even robust security measures like MFA.
and that businesses should make sure they're not leaving sensitive information behind Researchers propose additional safeguards Experts have found a vulnerability in Google’s OAuth “Sign in ...
Relatedly, lots of business-minded webapps use Google's OAuth, i.e. "Sign in with Google." It's a low-friction feedback loop—up until the startup fails, the domain goes up for sale, and somebody ...
A critical flaw in Google's OAuth authentication system, a way for users to grant third-party applications access to their Google account information without sharing their password, has left ...
Last week at security conference ShmooCon, he gave a talk on a flaw he found with Google OAuth, the tech behind “Sign in with Google,” which people can use instead of passwords. Ayrey gave ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback