oauth

13 articles
Sort: New Top Best
clear filter
bug-bounty625 facebook443 xss316 google119 rce106 microsoft66 csrf60 web355 account-takeover55 writeup50 malware43 sqli41 apple41 exploit40 ssrf35 cve34 privilege-escalation34 dos34 cloudflare29 defi28 phishing25 smart-contract-vulnerability25 access-control25 ethereum24 smart-contract24 clickjacking24 idor24 subdomain-takeover24 vulnerability-disclosure23 remote-code-execution21 auth-bypass19 lfi18 race-condition16 cloud15 authentication-bypass15 cors15 solidity15 node15 aws14 reverse-engineering13 oauth13 web-security12 sql-injection12 supply-chain12 denial-of-service11 info-disclosure11 browser11 delegatecall11 web-application-security11 vulnerability10
0
MCPs, CLIs, and skills: when to use what?
vulnerability
apple cloudflare microsoft node oauth rce
jngiam.bearblog.dev · jngiam1 · 47 minutes ago · details · hn
0
Google VRP SSRF in Google cloud platform stackdriver
vulnerability

Ron Chan discovered an SSRF vulnerability in Google Cloud Platform's Stackdriver Debug feature that allowed attackers to intercept OAuth access tokens from Bitbucket, GitHub, or GitLab by exploiting an unvalidated URL parameter in the resource listing endpoint, which forwarded requests with the user's authorization token to arbitrary attacker-controlled servers.

ssrf server-side-request-forgery oauth token-theft google-cloud-platform stackdriver cloud-debugger third-party-integration api-security authorization-header-leakage csrf-protection access-token-exfiltration google-vrp
Google Cloud Platform Stackdriver Cloud Debugger GitHub GitLab Bitbucket Burp Collaborator Ron Chan Google Vulnerability Reward Program
ngailong.wordpress.com · devanshbatham/Awesome-Bugbounty-Writeups · 3 hours ago · details
0
Authentication Bypass on airbnb via oauth tokens theft
authentication
auth-bypass oauth
arneswinnen.net · devanshbatham/Awesome-Bugbounty-Writeups · 3 hours ago · details
0
Oauth authentication bypass on airbnb acquistion using wierd 1 char open redirect
authentication
auth-bypass oauth open-redirect
xpoc.pro · devanshbatham/Awesome-Bugbounty-Writeups · 3 hours ago · details
0
Chaining tricky ouath exploitation to stored XSS
vulnerability
oauth xss
medium.com · devanshbatham/Awesome-Bugbounty-Writeups · 3 hours ago · details
0 2/10
ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More
threat-intel

Weekly security bulletin covering multiple threat vectors including OAuth vulnerabilities, EDR evasion techniques, signal phishing campaigns, ZIP bomb attacks, and AI platform compromises with emphasis on emerging attack patterns and refined techniques.

oauth edr-bypass phishing zip-bombing ai-security threat-intelligence vulnerability-roundup
thehackernews.com · [email protected] (The Hacker News) · 7 hours ago · details
0
GHSL-2026-035: Wekan may Leak Credentials During User Notification Workflow - CVE-2026-30847
authentication
cve oauth
CVE-2026-30847
securitylab.github.com · m-y-mo · 6 days ago · details
0
The MCP AuthN/Z Nightmare
vulnerability
cloudflare cve exploit facebook oauth rce
CVE-2025-4143 CVE-2025-4144 CVE-2025-53100 CVE-2025-53818 CVE-2025-6514
blog.doyensec.com · doyensec · 7 days ago · details
0
Introducing the 2026 Cloudflare Threat Report
authentication
cloudflare dos oauth
blog.cloudflare.com · Cloudforce One · 9 days ago · details
0
Facebook OAuth Framework Vulnerability
authentication
bug-bounty facebook oauth
amolbaikar.com · Amol Baikar · 126 years ago · details
0
Facebook Oauth token leakage
authentication
auth-bypass bug-bounty facebook oauth
medium.com · Abdellah Yaala · 126 years ago · details