Researchers have discovered a flaw in Google’s OAuth system that could allow attackers to access potentially sensitive data from former employee accounts at defunct startups. Google’s OAuth is the ...
In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from Google’s systems, passing all verifications but pointing to a fraudulent page ...
Researchers have discovered a set of previously unknown methods to launch URL redirection attacks against weak OAuth 2.0 implementations. These attacks can lead to the bypassing of phishing detection ...
Update, Jan. 16, 2025: This story, originally published Jan. 15, now includes a statement from Google and further clarification of the initial response to the researcher’s findings, as well as ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results