Threat Post

Google Adding Security Checks to Non-OAuth 2.0 Compliant Apps

Google announced it will add additional security checks to log-in attempts from applications or devices that do not support OAuth 2.0. Google announced today that in the coming months it will be more ...
Dark Reading

Attackers Abuse Google OAuth Endpoint to Hijack User Sessions

Attackers have been exploiting an undocumented Google OAuth endpoint to hijack user sessions and allow continuous access to Google services, even after a password reset. A threat actor called "Prisma" ...
TechSpot

Google OAuth secrets exposed as account-hijacking MultiLogin vulnerability discovered

Facepalm: OAuth is an open standard designed to share account information with third-party services, providing users with a simple way to access apps and websites. Google, one of the companies ...

A flaw in Google OAuth system is exposing millions of users via abandoned accounts

Buying domains from businesses that shut down could grant access to their SaaS accounts, research finds Google argues it's ...