Infosecurity-magazine.com

Hotjar, Business Insider Vulnerabilities Expose OAuth Data Risks

Security researchers have unveiled critical vulnerabilities within web analytics provider Hotjar and global news outlet Business Insider. The findings, from Salt Labs, indicate heightened risks for ...
ZDNet

Heroku fesses up to customer password theft due to OAuth token attack

Heroku has explained why it emailed users with a sudden password reset warning earlier this week, and how it was due to the theft of OAuth tokens from GitHub. "[Our investigation] revealed that the ...
Threat Post

Facebook Patches OAuth Authentication Vulnerability

Social media supersite Facebook has fixed a vulnerability that could have allowed a hacker to access a user’s account simply by getting them to click through to a specially crafted website. The flaw ...
Digit

Twitter makes OAuth mandatory; tries out new link wrapping service

Applications are no longer allowed to store your password. If you change your password, the applications will continue to work. Some applications you have been using may require you to reauthorize ...
Ars Technica

Gmail’s API lockdown will kill some third-party app access, starting July 15

Google is locking down API access to Gmail data (and later, Drive data) soon, and some of your favorite third-party apps might find themselves locked out of your Google account data. The new API ...