Attackers are increasingly using malicious OAuth 2.0 applications to siphon data and access sensitive information from a wide variety of cloud platforms, and mitigating the risks is proving ...

Threat actors are increasingly including malicious OAuth apps in their campaigns to break into cloud-based systems and applications. To address this growing problem, Microsoft is adding automated ...

Attackers are targeting Microsoft Office 365 users with a Coinbase-themed attack, aiming to take control of their inboxes via OAuth. Office 365 users are receiving emails purporting to come from ...

Application-based attacks that use the passwordless “log in with…” feature common to cloud services are on the rise. Against the backdrop of widespread remote working and the increased use of ...

A phishing campaign has been discovered that doesn't target a recipient's username and password, but rather uses the novel approach of gaining access to a recipient's Office 365 account and its data ...

Integrating CRM software with .NET applications is one of the best strategies for achieving quick and accurate data-driven decisions. However, here is where it gets challenging.

A new phishing campaign uses a Coinbase-themed email to install an Office 365 consent app that gives attackers access to a victim's email. Over the past year, hackers have increasingly used Microsoft ...

Threat actors deployed OAuth applications on compromised cloud tenants and then used them to control Exchange servers and spread spam. The news is the result of an investigation by Microsoft ...

Microsoft Corp. researchers today detailed a recent attack involving malicious OAuth applications that were deployed on compromised cloud tenants to control Exchange servers and spread spam. The ...

The ease of onboarding SaaS applications is creating a false sense of security. SaaS applications are introducing new areas of attack, and security teams must remain vigilant to ensure the security of ...

Over the summer of 2025, a series of breaches exposed risks hidden within software-as-a-service (SaaS) platforms. The ShinyHunters attacks on Salesforce and the compromise of Salesloft's Drift ...

Learn how to design secure OAuth scopes and consent flows for enterprise applications. A complete guide for CTOs on API ...