Security Boulevard

OAuth Scopes & Consent: Complete Guide to Secure API Authorization

Learn how to design secure OAuth scopes and consent flows for enterprise applications. A complete guide for CTOs on API ...
Security Boulevard

OAuth Authorization Server Setup: Implementation Guide & Configuration

Learn how to build and configure an enterprise-grade OAuth authorization server. Covering PKCE, grant types, and CIAM best ...

ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...
GitHub

Google Workspace MCP Server

Full natural language control over Google Calendar, Drive, Gmail, Docs, Sheets, Slides, Forms, Tasks, and Chat through all MCP clients, AI assistants and developer tools. The most feature-complete ...
GitHub

A Laravel integration for Xero using the Oauth 2.0 spec

This package integrates the new recommended package of xeroapi/xero-php-oauth2 using the Oauth 2.0 spec with Laravel. There was an error while loading. Please reload ...
gadgets360

Microsoft 365 Accounts Reportedly Breached After Hackers Exploit Legitimate Microsoft OAuth Feature

Attackers trick users into approving access on real Microsoft pages OAuth device code phishing surged sharply since September 2025 Both cybercriminals and state-linked actors reportedly use this ...
winbuzzer.com

Microsoft 365 Phishing Surge: Attackers Weaponize Legitimate Device Code Flow to Bypass MFA

Cybercriminals are launching a widespread wave of phishing attacks that bypass Multi-Factor Authentication (MFA) by exploiting a standard Microsoft 365 feature. Security researchers at Proofpoint warn ...