Choosing between SAML, OIDC, and OAuth 2.0? Explore 12 critical differences to help your B2B engineering team select the right authentication protocol today.

Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...

Explores how AI agents retrieve data with user permissions yet expose outputs to mixed audiences, urging audience-aware authorization.

While we maintain in the 2026 Threat Detection Report that AI favors defenders, it’s also helping lower the barrier of entr ...

New analysis reveals emerging security challenges and solutions as organizations rely more on connected systems and ...

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. The attacks target government and public-sector ...

Microsoft warns hackers are abusing OAuth redirect feature to deliver malware Phishing emails themed around Teams recordings or 365 resets redirect victims to attacker-controlled sites Payloads ...

Microsoft has warned that phishers are exploiting a built-in behavior of the OAuth authentication protocol to redirect victims to malware, using links that point to legitimate identity provider ...

Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code authorization mechanism. Attackers trick victims into entering a device code on ...

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...

In this tutorial, we’ll explore how to implement OAuth 2.1 for MCP servers step by step. To keep things practical, we’ll build a simple finance sentiment analysis server and secure it using Scalekit, ...