The Hacker News

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed

OAuth tokens without expiry enable breaches like Drift attack on 700+ firms, bypassing MFA and exposing sensitive data.

Claude Code, Copilot and Codex all got hacked. Every attacker went for the credential, not the model.

Six teams exploited Claude Code, Copilot, Codex, and Vertex AI in nine months. Every attack hit runtime credentials that IAM ...
Security Boulevard

ConsentFix v3 Automates OAuth Abuse to Bypass MFA and Hijack Azure Accounts

What happened A third iteration of the ConsentFix attack technique has been circulating on hacker forums, introducing automation and scalability to a method that abuses Microsoft Azure’s OAuth2 ...
JD Supra

Beyond the Perimeter: Securing OAuth Tokens and API Access to Thwart Modern Cyber Attackers

The threat landscape continues to evolve, and cybersecurity professionals must keep pace with threat actors’ changing tactics and objectives. A recent supply attack that reportedly affected hundreds ...
VentureBeat

Hackers use stolen OAuth access tokens to breach dozens of organization’s internal systems

Join the event trusted by enterprise leaders for nearly two decades. VB Transform brings together the people building real enterprise AI strategy. Learn more Last week, GitHub Security researchers ...
Infosecurity-magazine.com

Attacker Accessed Dozens of Repositories After OAuth Token Theft

GitHub has revealed that dozens of organizations were compromised by a data thief that used stolen OAuth tokens to access their private repositories. The developer platform’s security team opened an ...
Dark Reading

Heroku: Cyberattacker Used Stolen OAuth Tokens to Steal Customer Account Credentials

Salesforce subsidiary Heroku on Thursday said that the threat actor that stole Heroku GitHub integration OAuth tokens in April also accessed an internal database containing hashed and salted passwords ...
ZDNet

Heroku fesses up to customer password theft due to OAuth token attack

Heroku has explained why it emailed users with a sudden password reset warning earlier this week, and how it was due to the theft of OAuth tokens from GitHub. "[Our investigation] revealed that the ...

AI agents can bypass guardrails and put credentials at risk, Okta study finds

An AI agent that revealed sensitive data without being asked. An agent that overruled its own guardrails. Another that sent ...