- Security
- By Sergiu Gatlan
- September 10th, 2018
OAuth Exploit Allowed Researcher to Takeover Periscope TV Account
He hijacked the OAuth flow via host header poisoning
- Security
- By Gabriela Vatu
- May 8th, 2017
Google to Tighten OAuth Rules to Block Phishing Attempts After Fake Docs Attack
After last week's attack, Google will work to make Gmail even safer against phishing attacks by adding more rules
- Security Fixes and Improvements
- By Bogdan Popa
- December 1st, 2016
PayPal Fixes Security Flaw Allowing Hackers to Steal OAuth Tokens
The bug was originally discovered in September
- Security
- By Catalin Cimpanu
- June 1st, 2016
"Deploy on Heroku" Buttons Lead to Complete Pwnage of Heroku Accounts
Heroku OAuth was leaking global API access token
- Security
- By Catalin Cimpanu
- January 8th, 2016
OAuth Protocol Dodges a Bullet, Dangerous Flaws Fixed in Secret
Authentication protocol fixed for two critical issues
- Open Source Software
- By Marius Nestor
- December 22nd, 2015
GNU MediaGoblin 0.8.1 Open-Source Media Server Fixes Critical OAuth Security Flaw
Available now for all GNU/Linux operating systems
- Security
- By Ionut Ilascu
- June 19th, 2014
Authentication Tokens Found in App Source Codes by the Thousands
Oftentimes secret keys are not obfuscated or protected in any way
- Security Fixes and Improvements
- By Eduard Kovacs
- May 5th, 2014
“Covert Redirect” OAuth Security Flaw Not as Serious as It Sounds, Experts Say
User interaction is required and an open redirect must exist for the attack to work
- Security Fixes and Improvements
- By Eduard Kovacs
- May 3rd, 2013
OAuth Vulnerabilities Allowed Hackers to Access Private Photos on Instagram – Video
Fortunately, Facebook has addressed the issues identified by Break Security
- Security
- By Eduard Kovacs
- February 22nd, 2013
OAuth Flaw in Facebook Gives Researcher Full Control over Any Account – Video
Facebook addressed the vulnerability after being notified by Nir Goldshlager
- Google News
- By Lucian Parfeni
- September 18th, 2012
Google Adds OAuth 2.0 Support for Email and Chat Apps, Expanding 2-Step Verification
You won't need to provide a password for any email or chat client you use
- Web Blog
- By Lucian Parfeni
- November 9th, 2011
Google's OAuth 2.0 Playground is for Skittish Developers
It enables developers to play around with OAuth 2.0 and Google APIs without getting hurt
- Internet Life
- By Lucian Parfeni
- May 19th, 2011
Twitter Now Requiring OAuth for All Apps, Developers Don't Like It
- Security
- By Lucian Constantin
- May 16th, 2011
Facebook Works with Google, Yahoo on Secure Session Cookie Specification
- Google News
- By Lucian Parfeni
- March 17th, 2011
Google Urges Developers to Switch to OAuth for Two-Step Authentication Support
- Google News
- By Lucian Parfeni
- March 15th, 2011
Google Rolls Out Support for OAuth 2.0 in All of Its APIs
- Internet Life
- By Lucian Parfeni
- August 3rd, 2010
Twitter Forces Password Reset for Those Buying Followers
As their accounts may be in danger