OAuth

  • Blog
    digitpatrox2 hours ago
    4

    Fake “Security Alert” issues on GitHub use OAuth app to hijack accounts

    A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake “Security Alert” issues, tricking developers into authorizing a malicious OAuth app that grants attackers full control over their accounts and code. “Security Alert: Unusual Access Attempt We have detected a login attempt on your GitHub account that appears to be from a new location or device,” reads the…

    Read More »
  • Blog
    digitpatrox7 hours ago
    7

    Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts

    Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials. The campaigns were discovered by Proofpoint researchers, who characterized them as “highly targeted” in a thread on X. The malicious OAuth apps in this campaign are impersonating Adobe Drive, Adobe Drive X, Adobe Acrobat, and DocuSign. Malicious OAuth…

    Read More »
Back to top button
close