SECURITYTHE HACKER NEWS
The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed
Attackers can exploit persistent OAuth tokens from AI tools and productivity apps connected to Google or Microsoft, bypassing perimeter controls and MFA. These tokens have no expiration date and are often left unmonitored. This vulnerability poses a significant security risk to organizations.