Salt Security Discovers Flaws in Social Login Mechanism Impacting Thousands of Websites and Exposing Billions of Users to Account Takeover | allinfosecnews.com

Oct. 24, 2023, 1:46 p.m. | Guru Writer

IT Security Guru www.itsecurityguru.org

Today, API security company Salt Security released new threat research from Salt Labs highlighting API security vulnerabilities uncovered in the social sign-in and Open Authentication (OAuth) implementations of multiple online companies, including Grammarly, Vidio, and Bukalapak. The flaws, which have since been remediated, could have allowed for credential leakage and enabled full account takeover (ATO). Salt Labs also […]

The post Salt Security Discovers Flaws in Social Login Mechanism Impacting Thousands of Websites and Exposing Billions of Users to Account …

account account takeover api api security authentication companies exposing flaws grammarly labs login mechanism oauth research salt salt labs salt security security sign social social login takeover threat threat research today uncovered vulnerabilities websites

More from www.itsecurityguru.org / IT Security Guru

World Password Day 2024: Try Passkeys! 4 days ago | www.itsecurityguru.org

authentication can credentials experience +15

World Password Day 2024: What are the experts saying? 4 days ago | www.itsecurityguru.org

businesses clear cybersecurity cybersecurity experts +10

Guest Blog: Securing K12 Schools with Centripetal and LANRover 5 days, 20 hours ago | www.itsecurityguru.org

age blog case studies centripetal +19

Synopsys Introduces Polaris Assist: AI-Powered Application Security Assistant 5 days, 22 hours ago | www.itsecurityguru.org

advanced ai-powered application application security +23

Keeper Security Forges Cybersecurity Partnership With Williams Racing 5 days, 22 hours ago | www.itsecurityguru.org

alex branding businesses cybersecurity +17

UK to Take Steps in Helping Protect Consumers Against Cyber Threats from Smart Devices 6 days, 19 hours ago | www.itsecurityguru.org

attacks baby basic connected +22

APIContext’s Global Cloud API Performance Report Show A Decline In Cloud API Availability 1 week, 2 days ago | www.itsecurityguru.org

analysis api api endpoints availability +16

Cato Networks to Showcase New Security Evasion Tactics at RSA Conference 2024 1 week, 3 days ago | www.itsecurityguru.org

architectures cato networks conference cti +25

Salt Security Enhances API Security Platform with OAuth Protection Package 1 week, 3 days ago | www.itsecurityguru.org

address api api protection api security +21

Head of Security Operations

@ Canonical Ltd. | Home based - Americas, EMEA

View on infosec-jobs.com

Security Specialist

@ Lely | Maassluis, Netherlands

View on infosec-jobs.com

Senior Cyber Incident Response (Hybrid)

@ SmartDev | Cầu Giấy, Vietnam

View on infosec-jobs.com

Sr Security Engineer - Colombia

@ Nubank | Colombia, Bogota

View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Menlo Park, CA | Washington, DC | Remote, US

View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Bridgwater, United Kingdom

View on infosec-jobs.com