OAuth stories

Proofpoint says mailbox rule abuse is becoming a routine Microsoft 365 takeover tactic, helping attackers hide alerts, hijack threads and drive fraud.

Microsoft warns that 10 to 15 EvilToken phishing runs are launched daily, compromising hundreds of organisations through OAuth token abuse.

OpenID Foundation appoints Kantara Initiative to oversee testing service applicants as it expands independent assurance for digital identity standards.

Vorlon unveils AI Agent Flight Recorder and Action Centre to help security teams trace activity across SaaS apps and coordinate responses.

Vorlon survey reveals nearly all CISOs suffered SaaS and AI security incidents in 2025, despite high confidence in existing controls.

CData upgrades Connect AI with managed MCP tools, tightening data access, identity controls and live connectivity for enterprise agents.

A rapid surge in OpenClaw AI assistant use has left tens of thousands of exposed systems and a trail of hijacked tools and malicious add-ons.

AI-driven hackers can now steal data in just 72 minutes, as faster, multi-surface attacks overwhelm complex, over-trusting enterprises.

Okta launches Agent Discovery to uncover and rein in shadow AI agents, mapping risky app access and tightening identity-based controls.

Okta users face rising vishing attacks as ShinyHunters expand real-time MFA phishing, prompting fresh SaaS and identity security warnings.

Shadow AI tool Clawdbot quietly spreads across workplaces, alarming security teams as staff grant it broad access on unmanaged devices.

Experts say AI-driven attacks and rampant data leaks mean organisations must verify outputs, curb collection and harden identity controls.

Criminals are using Kubernetes and cloud-native tools to rapidly scale phishing-as-a-service, targeting Gmail, Facebook and Microsoft O365.

Proofpoint flags a sharp rise in Microsoft 365 account takeovers via device code phishing, hitting firms from finance to government.

Cyber attacks on SaaS platforms are soaring, pushing boards to make AI‑driven security a core strategy as misconfigurations fuel mass breaches.

CData's Connect AI now enables Microsoft Copilot Studio agents to access and act on live data from 350+ enterprise systems, boosting AI-driven business insights.

Proofpoint reveals how weaponised OAuth apps enable hackers to maintain cloud access despite password resets and MFA, threatening persistent account takeover.

Google Workspace's native tools struggle to manage unapproved SaaS apps, exposing firms to data risks amid rising shadow IT use.

Barracuda warns of a surge in advanced OAuth phishing attacks exploiting Microsoft 365 and other platforms to steal access tokens and bypass multifactor authentication.

Delinea has launched its open-source MCP Server, enabling secure, policy-driven access for AI agents to manage credentials and workflows efficiently.