all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

API Bug in OAuth dev tool opened websites, apps to account hijacking

Add to bookmarks
May 25, 2023, 1:20 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Critical flaw in the Expo framework that allowed them to take over user accounts via the Open Authorization (OAuth) protocol. 


Article Link: API Bug in OAuth dev tool opened websites, apps to account hijacking | SC Media


1 post - 1 participant


Read full topic

account account hijacking accounts api apps article authorization bug critical critical flaw dev flaw framework hijacking link media oauth protocol tool websites

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Compliance Through Vigilance; SOCRadar XTI for Compliant Organizations an hour ago | malware.news
age assets aware businesses +16
DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware an hour ago | malware.news
campaign dropper droppers east +15
Security Advisory – Vulnerabilities in Fortinet 2 hours ago | malware.news
advisory attacker code cve +17
Analysis of Pupy RAT Used in Attacks Against Linux Systems 3 hours ago | malware.news
analysis apt apt35 apt groups +17
A Look at CVE-2024-3400 Activity and Upstyle Backdoor Technical Analysis 3 hours ago | malware.news
alto analysis backdoor can +28
International investigation disrupts phishing-as-a-service platform LabHost 4 hours ago | malware.news
addresses april arrest as-a-service +12
From BYOVD to a 0-day: Unveiling Advanced Exploits in Cyber Recruiting Scams 4 hours ago | malware.news
admin advanced attack attack chain +25
ISC Stormcast For Thursday, April 18th, 2024 https://isc.sans.edu/podcastdetail/8944, (Thu, Apr 18th) 8 hours ago | malware.news
topic
A Vuln is a Vuln, unless the CVE for it is after Feb 12, 2024, … 9 hours ago | malware.news
announcement backlog cve database +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Ford Pro Tech and FCSD Tech – Product Manager, Cyber Security

@ Ford Motor Company | Chennai, Tamil Nadu, India
View on infosec-jobs.com

Cloud Data Encryption and Cryptography Automation Expert

@ Ford Motor Company | Chennai, Tamil Nadu, India
View on infosec-jobs.com

SecOps Analyst

@ Atheneum | Berlin, Berlin, Germany
View on infosec-jobs.com

Consulting Director, Cloud Security, Proactive Services (Unit 42)

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com
View more jobs