#oauth

Information security
from The Hacker News
22 hours ago

SaaS Breaches Start with Tokens - What Security Teams Must Watch

Stolen OAuth and API tokens enable attackers to bypass MFA and access SaaS systems, making token hygiene and rotation critical to prevent breaches.
from Raymondcamden
1 week ago

ColdFusion (2025)'s CFOAUTH Tag

The tag did a good job of handling creating the right OAuth link for you. So you could (after setting stuff up with your provider of course) drop the tag on a page, and when the user hit it, they would be prompted to log in with the third party provider. When returned, the tag would handle getting the access token and such and giving you a nice little structure of data for you to use.
Software development
Privacy professionals
from IT Pro
4 months ago

A flaw in OneDrive's File Picker feature could give access to hundreds of apps

A security flaw in OneDrive's File Picker exposes user content to third-party apps, risking data leakage.
Privacy professionals
from The Hacker News
4 months ago

Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access - Even When Uploading Just One File

A security flaw in OneDrive File Picker could allow extensive unauthorized access to a user's cloud storage.
Ruby on Rails
from Rubyflow
4 months ago

Sign in with Apple for Rails apps

OAuth reduces account creation friction; implementing Sign in with Apple is crucial for app compliance and user experience.
DevOps
from Azure DevOps Blog
5 months ago

Spring Cleaning: A CTA for Azure DevOps OAuth Apps with expired or long-living secrets - Azure DevOps Blog

Azure DevOps OAuth apps will be phased out by 2026, urging migration to Microsoft Identity platform.
App owners are encouraged to implement secret rotation for improved security.