Bleeping Computer

OAuth Device Code Phishing: Azure vs. Google Compared

Come along with me on a journey as we delve into the swirling, echoing madness of identity attacks. Today, I present a case study on how different implementations of OAuth 2.0, the core authentication ...
The Hacker News

Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts

Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part ...
GitHub

Knowledge Transfer Ticket: Wazuh Cert OAuth2 App

This issue tracks the complete knowledge transfer process related to the Wazuh-based certificate and OAuth2-secured malware detection system. The goal is to build a shared understanding of the ...
GitHub

hirosato/go-mcp-scaffoldings

This repository contains OAuth and MCP (Model Context Protocol) implementation code, providing a foundation for building secure MCP servers with OAuth 2.1 authentication. mcp-scaffolding/ ├── backend/ ...
blockchain

GitHub Enhances Security with PKCE Support for OAuth and GitHub Apps

GitHub has introduced PKCE support for OAuth and GitHub App authentication, enhancing security by protecting authorization codes. The implementation follows OAuth 2.0 standard (RFC 7636). GitHub has ...