Dark Reading

Attackers Abuse Google OAuth Endpoint to Hijack User Sessions

Attackers have been exploiting an undocumented Google OAuth endpoint to hijack user sessions and allow continuous access to Google services, even after a password reset. A threat actor called "Prisma" ...
InfoQ

Spring Authorization Server 1.0 Provides Oauth 2.1 and OpenID Connect 1.0 Implementations

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...