GitHub

OAuth2c: user-friendly OAuth CLI

oauth2c is a command-line tool for interacting with OAuth 2.0 authorization servers. Its goal is to make it easy to fetch access tokens using any grant type or client authentication method. It is ...

ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...
Security Boulevard

API Authentication Methods Explained: API Keys, OAuth, JWT & HMAC Compared

Ever wonder why a single api leak can tank a company's stock? (Will data breaches impact company stock price?) In the enterprise, authentication isn't just a "lock"—it's the foundation of your entire ...
GitHub

jkroepke/openvpn-auth-oauth2

openvpn-auth-oauth2 is a management client for OpenVPN that handles the single sign-on (SSO) authentication against various OIDC providers. This project aims to simplify the process of integrating ...
gadgets360

Microsoft 365 Accounts Reportedly Breached After Hackers Exploit Legitimate Microsoft OAuth Feature

Attackers trick users into approving access on real Microsoft pages OAuth device code phishing surged sharply since September 2025 Both cybercriminals and state-linked actors reportedly use this ...
IEEE

IEEE Communications Surveys and Tutorials

Abstract: I welcome you to the fourth issue of the IEEE Communications Surveys and Tutorials in 2021. This issue includes 23 papers covering different aspects of communication networks. In particular, ...
CSOonline

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...