#oauth search results
Day 5/10: OAuth 2.0 security ✅ "Sign in with Google" ≠ automatically secure Implementing: - State parameter (CSRF) - PKCE flow - Strict redirect URIs - Minimal scopes - Secure token storage One misconfiguration = breach @ireteeh #10DaysOfSecureCode #OAuth
Looking forward to speaking at @BSidesWarsaw tomorrow. Come hang on the livestream to catch "Agentic Access: OAuth Gets You In, Zero Trust Keeps You Safe"! 👀 bsides.org/w/page/1610813… #mcp #oauth #agenticai #zerotrust
AI agents still can’t use OAuth without a human holding their hand. Redirects, consent screens, expiring cookies — it all assumes a browser and a meatbag. Result? Most “autonomous” agents are secretly crippled. New post dives in ↓ #AIAgents #OAuth
🧠 Open Redirect → OAuth Token Theft 1️⃣ App redirects to URLs from untrusted params 2️⃣ Attacker crafts redirect to malicious OAuth callback 3️⃣ Victim approves login → token sent to attacker 4️⃣ Full account compromise 🎯 Open redirect + OAuth = easy takeover #bugbounty #OAuth
MCP is soaring in popularity! @adslaton walks through the big ideas from our State of #MCP: • One protocol for tools • Built-in discoverability • #OAuth 2.1 auth • Native UI inside chat With @dsp_, @digitarald, @JamesMontemagno, @dkundel, @ladyleet Dive in 🔽🔗
Headless can solve the problem of users authenticating twice in iframes by generating member tokens and injecting session cookies into your website. #OAuth #iframes
Use a public-facing URL to test an MCP server with actual clients in the cloud. This OAuth flow is secured with Pomerium, and the MCP server knows nothing about OAuth. #MCPserver #OAuth
Recent #phishing campaigns abuse #OAuth flows to hijack Microsoft accounts. Attackers impersonate major business & investment platforms, tricking users into entering codes or approving access that silently grants account control. Details at bit.ly/4qqtKGE
If you administer at least one Microsoft 365 tenant, you might find some surprising results if you audit your #OAuth applications 👀 Statistically speaking, there’s a good chance your tenant is infected with a rogue app that could be malicious 😱
All major security vendors breached. The culprit - simply relying on #OAuth federated access management. With AI Agents, this risk grows exponentially. DIDs, p2p auth, continuous auth, dynamic federation and onchain logs with #AuthChain will help fix this. @RubixChain…
Palo Alto Networks data breach exposes customer info, support cases bleepingcomputer.com/news/security/…
#oauth #phishing campaign against 🇮🇹 #m365 tenants #BEC offline_access mailread mail.send through GraphAPI *.expressive,com,de/DqaBV/ -> s://5140390597,cyou/helen.php maybe #Flowerstorm @illegalFawn @phishunt_io @PhishKitTracker @ActorExpose @AgidCert @JAMESWT_WT
Configuring MCP servers - especially with OAuth - can get messy fast. This demo shows an agent handling it with `mcp-find` + `mcp-add`. Let agents guide the setup. 🔗 docker.com/blog/dynamic-m… #Docker #MCP #OAuth #AIagents #DevTools #AgenticAI #LLM
🔐 New in Faveo Helpdesk → Secure Gmail Authentication with OAuth! ✔ Stronger security ✔ Safer Gmail integration ✔ Seamless support workflows 🚀 #FaveoHelpdesk #HelpdeskSoftware #OAuth #GmailIntegration #Cybersecurity
🔊 The password flow has been retired. Migrate your apps now to #OAuth 2.0 to stay secure and supported. Here's how → zurl.co/FzJfQ #RingCentralDevs
【とてもややこしいOpenID Connect (OIDC)のシーケンス書いてみた!】 シーケンスでは認可コードフロー+PKCEにOIDCの特徴であるIDトークンとUserinfo APIを記載 ここまで頭に入っていればWEB認証は怖くない(`・ω・´)b #OIDC #OAuth #AWS #インフラエンジニア #バックエンドエンジニア
#セキュリティ #IT用語 #OAuth #CompTIA #資格取得 / CompTIA Security+ SY0-701出題範囲 IT用語を簡単に説明📝 \ OAuthって何?🧐 聞いたことありますか? もっと学習したい方はこちら👇 tac-school.co.jp/kouza_it/it_cr…
🧩 Malicious OAuth apps can hide inside Microsoft 365 tenants. @HuntressLabs’ Cazadora script helps uncover rogue apps before they lead to a breach. Learn more in their Tradecraft Tuesday sessions. ➡️ bleepingcomputer.com/news/security/… #cybersecurity #microsoft365 #oauth #sponsored
Looking forward to speaking at @BSidesWarsaw tomorrow. Come hang on the livestream to catch "Agentic Access: OAuth Gets You In, Zero Trust Keeps You Safe"! 👀 bsides.org/w/page/1610813… #mcp #oauth #agenticai #zerotrust
スポーツ & エンタメ業界でもID基盤への #OAuth /#OIDC の実装にAuthleteを採用いただいています。#Authlete を活用し、#ファイターズ スポーツ & エンターテイメントさま、#Fanplus さま、#playground さまは、#ID基盤 開発・運用の効率化と高い可用性を実現されました。 authlete.com/ja/resources/v…
AI agents still can’t use OAuth without a human holding their hand. Redirects, consent screens, expiring cookies — it all assumes a browser and a meatbag. Result? Most “autonomous” agents are secretly crippled. New post dives in ↓ #AIAgents #OAuth
🧠 Why does learning OAuth 2.0 feel like solving a puzzle? All those endless docs and RFCs… it’s overwhelming. eKnow AI turns those complex docs into clear, structured, visualized learning paths. No more detective work. Just clarity. #AI #TechLearning #OAuth #DeveloperTools
Tribeck has adopted Authlete to build an #OAuth 2.0 server for seamless third-party application integration. The company chose Authlete for its development flexibility, significant reduction in operational load, and support for future standard extensions. authlete.com/news/tribeck-s…
🚨 Alert: Unauthorized data access detected! Salesforce has flagged suspicious #OAuth activity linked to Gainsight. This highlights the continuous battle against digital threats and the need for robust security measures.🛡️ Are your systems prepared to handle such cyber incidents?
MCP is soaring in popularity! @adslaton walks through the big ideas from our State of #MCP: • One protocol for tools • Built-in discoverability • #OAuth 2.1 auth • Native UI inside chat With @dsp_, @digitarald, @JamesMontemagno, @dkundel, @ladyleet Dive in 🔽🔗
ロシア系APT「ToddyCat」がM365を狙い、Outlook等のメモリからOAuthトークン抽出+ロック中OST強制コピーでメール窃取。MFA回避の重大手口。トークン寿命短縮とCA強化が必須。#ToddyCat #M365Security #OAuth securityonline.info/toddycat-apt-s…
Bezpečnost webových aplikací:🔒 Google zavádí granulární #OAuth souhlas pro Web Apps. Uživatelé teď mohou udělovat oprávnění individuálně namísto všech najednou = větší kontrola nad přístupem k datům a vyšší standardy zabezpečení. #GoogleWorkspace #Bezpečnost #Admin #Novinka
🚨 CRITICAL vuln in lunary-ai/lunary (v1.9.34): Improper Google OAuth auth lets attackers take over accounts! Patch to 1.9.35 now. Details: radar.offseq.com/threat/cve-202… #OffSeq #OAuth #Cybersecurity
Configuring MCP servers - especially with OAuth - can get messy fast. This demo shows an agent handling it with `mcp-find` + `mcp-add`. Let agents guide the setup. 🔗 docker.com/blog/dynamic-m… #Docker #MCP #OAuth #AIagents #DevTools #AgenticAI #LLM
🛠️ MCP 1.2 drops with OAuth, Tools API, and security coverage. Now easier to run AI tools in Drupal 10/11 with bundled plugins and config controls. Via @jibla of @omedia_dev : bit.ly/48t5ehb #Drupal #OAuth #ContribModule #AIinDrupal
🔐 Token security is now a hot topic! Attackers are turning tokens into their favorite tool for bypassing security, impersonating admins, and draining liquidity faster than a kid at an all-you-can-eat buffet. Stay alert! #TokenSecurity #OAuth #CyberSecur… windowsforum.com/threads/token-…
An OAuth token is being used from two different IPs at the same time. What’s really happening? A) User from home B) Session token stolen C) VPN switched D) Time drift Drop your answer 👇 #CyberSecurity #BugBounty #OAuth #Hacking #Bugv
🎉 Twitter OAuth 1.0a SUCCESS! Auto-posting is now working from Claude Code setup! #TwitterAPI #OAuth #ClaudeCode
🟠#Salesforce advierte que una actividad inusual en las aplicaciones #OAuth vinculadas a #Gainsight puede haber permitido el acceso no autorizado a los datos de Salesforce de algunos clientes. #QintegraNews #ciberseguridad @securityaffairs securityaffairs.com/184896/hacking…
FB OAuth Misconfiguration Leads to Takeover any Account #bugbounty #pentesting #oauth #fb sl4x0.medium.com/fb-oauth-misco…
Day 5/10: OAuth 2.0 security ✅ "Sign in with Google" ≠ automatically secure Implementing: - State parameter (CSRF) - PKCE flow - Strict redirect URIs - Minimal scopes - Secure token storage One misconfiguration = breach @ireteeh #10DaysOfSecureCode #OAuth
mamma mia 🤌🤌 #ATO on #Google One Tab #OAuth deferent from always. Write-up will coming soon. #BugBounty
🧠 Open Redirect → OAuth Token Theft 1️⃣ App redirects to URLs from untrusted params 2️⃣ Attacker crafts redirect to malicious OAuth callback 3️⃣ Victim approves login → token sent to attacker 4️⃣ Full account compromise 🎯 Open redirect + OAuth = easy takeover #bugbounty #OAuth
#oauth #phishing campaign against 🇮🇹 #m365 tenants #BEC offline_access mailread mail.send through GraphAPI *.expressive,com,de/DqaBV/ -> s://5140390597,cyou/helen.php maybe #Flowerstorm @illegalFawn @phishunt_io @PhishKitTracker @ActorExpose @AgidCert @JAMESWT_WT
Despite being central to their security, many orgs struggle to securely implement #OAuth. Our new post walks through common issues & how to prevent them, along with a useful checklist! Read it today & ensure your org is secure: blog.doyensec.com/2025/01/30/oau… #doyensec #security #appsec
If you administer at least one Microsoft 365 tenant, you might find some surprising results if you audit your #OAuth applications 👀 Statistically speaking, there’s a good chance your tenant is infected with a rogue app that could be malicious 😱
Please Retweet for reach. AIPRM is growing too fast for Google defaults. We need someone at Google to help us to connect more than 10,000 new users/day with their API, we still have default OAuth limit. Do YOU know anyone that could help? #oauth #limit #google #accounts
OpenID Connect makes it possible to authenticate users using #OAuth 2.0. What are some benefits of working with #openidconnect 🏆 🚀 ? 1. Single Sign-On (SSO) 2. Security 3. Reduced friction 4. Up-to-date information Learn more: blog.postman.com/what-is-openid…
Very high end video conferencing at @secworkshop between @dfett42 , @josephheenan and @__b_c on #oauth client attestation discussion.
🔐 Curious about #OAuth in PHP? Our #blog dives into how RingCentral’s API helps you set up secure, token-based authentication for your app. medium.com/ringcentral-de…
⚙️ Want to enhance security in your #PHP app? Read our blog to learn how RingCentral’s API supports #OAuth for safe user permissions. medium.com/ringcentral-de…
📘 Learn how to implement #OAuth 2.0 authorization for #RingCentralEmbeddable. Our documentation covers everything you need to securely connect your app. ringcentral.github.io/ringcentral-em…
🔐 Explore our latest blog post on setting up #OAuth in PHP with RingCentral’s API. Learn how to securely manage user access and #authorization. medium.com/ringcentral-de…
📘 Curious about #OAuth for PHP? Check out our blog to discover how RingCentral’s API helps you implement secure, token-based #authentication in your applications. medium.com/ringcentral-de…
Something went wrong.
Something went wrong.
United States Trends
- 1. Thanksgiving 1.88M posts
- 2. Lions 68.8K posts
- 3. Thankful 366K posts
- 4. Wicks 3,143 posts
- 5. #GoPackGo 4,793 posts
- 6. Turkey 242K posts
- 7. Jordan Love 3,810 posts
- 8. Brian Branch N/A
- 9. #GBvsDET 1,637 posts
- 10. Jared Goff 1,971 posts
- 11. #OnePride 4,147 posts
- 12. Amon Ra 1,376 posts
- 13. Tom Kennedy N/A
- 14. Cece Winans N/A
- 15. Ray J 2,307 posts
- 16. #ProBowlVote 25.8K posts
- 17. Josh Jacobs 1,613 posts
- 18. #nationaldogshow N/A
- 19. National Anthem 5,420 posts
- 20. Busta Rhymes 1,384 posts