Tag

#OAuth

24 stories taggedOAuth · page 2 of 2.

Identity & Access

One Click in VS Code Was Enough to Hand Over Your GitHub Token

Researcher Ammar Askar found a clickjack-style flaw in github.dev that leaked full-fat OAuth tokens — read/write, private repos included.

3 min
AI Security

Agentic AI Is Doing What a Thousand Breach Reports Couldn't: Getting Boards to Open the Checkbook

Autonomous agents, AI-generated code, and frontier models capable of offensive cyber ops are finally making cybersecurity a board-level business conversation — not just an IT line item.

3 min
Identity & Access

Poisoned npm Package Stole OpenAI Codex Tokens — and the GitHub Repo Looked Fine

codexui-android published clean source code while shipping malicious artifact builds that harvested refresh tokens. The gap between repo and registry is where the attack lived.

2 min
Identity & Access

When 'Minor Foothold' Means Full Account Takeover: The Week IAM Bent the Wrong Way

A Claude security plugin, an Azure privilege-escalation chain, and a Kali365 MFA bypass all land in the same news cycle. Identity is still the soft underbelly.

2 min
Identity & Access

Kali365 Phishing Kit Hijacks Microsoft OAuth Tokens to Silently Bypass MFA

The FBI has flagged a device-code phishing campaign powered by Kali365, a toolkit that steals OAuth tokens tied to Microsoft 365 accounts without ever touching a user's password.

3 min
Identity & Access

Kali365 and EvilTokens: The New Phishing-as-a-Service Threat

Professional phishing kits lower barriers for attackers, bypassing MFA with ease.

2 min
Threat Intelligence

The Boring Attacks Are Winning: Why Defenders Keep Losing to Trusted Tools

Leaked tokens, poisoned npm packages, and login replays are doing more damage than zero-days this quarter. Here is how to spot the pattern before it spots you.

3 min
Threat Intelligence

GRU Operators Drained Microsoft 365 Tokens by Rewriting DNS on 18,000 SOHO Routers

Forest Blizzard shifted from targeted router malware to mass DNS hijacking after a UK advisory in August, intercepting OAuth tokens on Outlook on the web.

3 min
Identity & Access

FBI flags Kali365, the latest phishing kit pitched at draining Microsoft 365 tenants

The bureau says the subscription-priced service abuses OAuth device-code flows to lift session tokens and walk straight past MFA.

2 min
© 2026 Threat Vectr