Oauth

Scammers are exploiting Google services to send fake law enforcement inquiry notifications, making them look like they originate from accounts.google.com.

A vulnerability in Google OAuth allows attackers to access accounts of defunct organizations through abandoned domains.

Developers’ accounts are being hijacked using fake job offers sent from a legitimate GitHub address.

Google OAuth allows to create phantom Google accounts — uncontrollable by corporate Google Workspace administrators.

OpenID and OAuth are protocols responsible for those “Login with Facebook” and “Authorize with Google” buttons you see on almost every site nowadays. Of course, there is a hack for that™, but you don’t need neither panic nor change your password. Read on for our simple action plan.