OAuth Tokens
Coverage of OAuth Tokens in the Nexus archive.
- FBI warns Microsoft users about passwordless scam
The FBI warns about a phishing-as-a-service platform called Kali365 targeting Microsoft 365 accounts. The scam bypasses multifactor authentication by exploiting Microsoft's device code login process to steal OAuth tokens, granting attackers access to Outlook, Teams, and OneDrive without requiring passwords.
- Another bug hunter leaks Microsoft exploits in defiance of company’s handling of vulnerability disclosures
Ammar Askar, a bug hunter, leaked a vulnerability in Microsoft's Visual Studio Code after becoming disillusioned with the company's handling of security reports. The exploit allows attackers to steal OAuth tokens via malicious extensions, compromising GitHub repos, and was disclosed publicly due to past negative experiences with Microsoft Security Response Center (MSRC).
- One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
Cybersecurity researchers disclosed a one-click attack via Microsoft Visual Studio Code that can steal GitHub OAuth tokens, allowing attackers to read and write to user repositories, including private ones. The attack exploits GitHub's GitHub.dev feature, enabling token theft through a malicious link click.
- Vercel Employee's AI Tool Access Led to Data Breach
A Vercel employee's access to an AI tool led to a data breach involving stolen OAuth tokens. The breach highlights the growing risk of OAuth tokens as a new attack vector and method for lateral movement in cyberattacks.