Google Threat Intelligence Group shared its findings about a threat actor responsible for stealing Salesforce customer data ...

A weakness in Google's OAuth "Sign in with Google" feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various ...

Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named "MultiLogin" to restore expired authentication cookies and log into users' accounts, even if ...

Attackers have been exploiting an undocumented Google OAuth endpoint to hijack user sessions and allow continuous access to Google services, even after a password reset. A threat actor called ...

Researchers at Truffle Security have found a flaw in Google’s OAuth ‘Sign in with Google’ feature, potentially exposing businesses that have shut down to data breaches.

A developer reported the scam after noticing a slight discrepancy in the email address. The scam passed Google’s own DKIM checks.

A critical flaw in Google’s OAuth authentication system, a way for users to grant third-party applications access to their Google account information without sharing their password, has left ...

This Google’s OAuth flaw that could allow attackers to inherit credentials from old accounts of former failed startups employees.

An OAuth bug discovered in Google’s Cloud Platform potentially allowed attackers to plant an application inside a victim’s account, leaving it permanently and undetectably compromised. The bug ...