#OAuth
24 stories taggedOAuth · page 2 of 2.

One Click in VS Code Was Enough to Hand Over Your GitHub Token
Researcher Ammar Askar found a clickjack-style flaw in github.dev that leaked full-fat OAuth tokens — read/write, private repos included.

Agentic AI Is Doing What a Thousand Breach Reports Couldn't: Getting Boards to Open the Checkbook
Autonomous agents, AI-generated code, and frontier models capable of offensive cyber ops are finally making cybersecurity a board-level business conversation — not just an IT line item.

Poisoned npm Package Stole OpenAI Codex Tokens — and the GitHub Repo Looked Fine
codexui-android published clean source code while shipping malicious artifact builds that harvested refresh tokens. The gap between repo and registry is where the attack lived.

When 'Minor Foothold' Means Full Account Takeover: The Week IAM Bent the Wrong Way
A Claude security plugin, an Azure privilege-escalation chain, and a Kali365 MFA bypass all land in the same news cycle. Identity is still the soft underbelly.

Kali365 Phishing Kit Hijacks Microsoft OAuth Tokens to Silently Bypass MFA
The FBI has flagged a device-code phishing campaign powered by Kali365, a toolkit that steals OAuth tokens tied to Microsoft 365 accounts without ever touching a user's password.

Kali365 and EvilTokens: The New Phishing-as-a-Service Threat
Professional phishing kits lower barriers for attackers, bypassing MFA with ease.

The Boring Attacks Are Winning: Why Defenders Keep Losing to Trusted Tools
Leaked tokens, poisoned npm packages, and login replays are doing more damage than zero-days this quarter. Here is how to spot the pattern before it spots you.

GRU Operators Drained Microsoft 365 Tokens by Rewriting DNS on 18,000 SOHO Routers
Forest Blizzard shifted from targeted router malware to mass DNS hijacking after a UK advisory in August, intercepting OAuth tokens on Outlook on the web.

FBI flags Kali365, the latest phishing kit pitched at draining Microsoft 365 tenants
The bureau says the subscription-priced service abuses OAuth device-code flows to lift session tokens and walk straight past MFA.