#oauth

Threat Insight<p>With the goal of better understanding cloud account takeover (ATO) attacks, our threat researchers developed a tool that automates the creation of malicious internal applications within a compromised cloud environment.</p><p>This blog post provides an in-depth technical analysis of that tool and its implications for enterprise security. </p><p>🔗 <a href="https://www.proofpoint.com/us/blog/threat-insight/beyond-credentials-weaponizing-oauth-applications-persistent-cloud-access" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">proofpoint.com/us/blog/threat-</span><span class="invisible">insight/beyond-credentials-weaponizing-oauth-applications-persistent-cloud-access</span></a></p><p><a href="https://infosec.exchange/tags/cloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloud</span></a> <a href="https://infosec.exchange/tags/ATO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ATO</span></a> <a href="https://infosec.exchange/tags/credentials" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>credentials</span></a> <a href="https://infosec.exchange/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth</span></a> <a href="https://infosec.exchange/tags/cyberrisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberrisk</span></a> <a href="https://infosec.exchange/tags/accounttakeover" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>accounttakeover</span></a></p>
damienbod<p>Blogged: Implement a secure MCP OAuth desktop client using OAuth and Entra ID</p><p><a href="https://damienbod.com/2025/10/16/implement-a-secure-mcp-oauth-desktop-client-using-oauth-and-entra-id/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">damienbod.com/2025/10/16/imple</span><span class="invisible">ment-a-secure-mcp-oauth-desktop-client-using-oauth-and-entra-id/</span></a></p><p><a href="https://mastodon.social/tags/mcp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mcp</span></a> <a href="https://mastodon.social/tags/entra" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>entra</span></a> <a href="https://mastodon.social/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth</span></a> <a href="https://mastodon.social/tags/identity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>identity</span></a> <a href="https://mastodon.social/tags/iam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iam</span></a> <a href="https://mastodon.social/tags/llm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>llm</span></a> <a href="https://mastodon.social/tags/oidc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oidc</span></a> <a href="https://mastodon.social/tags/openidconnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>openidconnect</span></a> <a href="https://mastodon.social/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a></p>
Leanpub<p>New 📚 Release! MCP Servers with Oauth: A full introduction to MCP, from zero to deployment in one weekend by Zach Silveira <a href="https://mastodon.social/tags/books" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>books</span></a> <a href="https://mastodon.social/tags/ebooks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ebooks</span></a> <a href="https://mastodon.social/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth</span></a> <a href="https://mastodon.social/tags/technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>technology</span></a></p><p>This book provides the fastest way to get up to speed using the latest Model Context Protocol authentication specification that was finalized in May 2025.</p><p>Find it on Leanpub!</p><p>Link: <a href="https://leanpub.com/creatingmcpserverswithoauth" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">leanpub.com/creatingmcpservers</span><span class="invisible">withoauth</span></a></p>
Artem R 🇺🇦<p>Curious if it is possible to use Mastodon as OAuth provider for login without knowing users instance in advance? <a href="https://indieweb.social/tags/mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mastodon</span></a> <a href="https://indieweb.social/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth</span></a></p>
Nicolas MOUART<p><a href="https://mastodon.social/tags/Barracuda" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Barracuda</span></a> highlighted large-scale, automated, and streamlined attacks involving phishing kits such as Tycoon and EvilProxy. In one example, a Tycoon 2FA attack redirected users to a phishing site impersonating <a href="https://mastodon.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> to steal login credentials. Another attack involved EvilProxy, designed to bypass multifactor authentication and hijack sessions, using the 'prompt=none' command to suppress login prompts and silently redirect signed-in users.<br><a href="https://securitybrief.com.au/story/barracuda-warns-of-surge-in-advanced-oauth-phishing" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securitybrief.com.au/story/bar</span><span class="invisible">racuda-warns-of-surge-in-advanced-oauth-phishing</span></a></p><p><a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth</span></a></p>
damienbod<p>Blogged: Implement a secure MCP server using OAuth and Entra ID</p><p><a href="https://damienbod.com/2025/09/23/implement-a-secure-mcp-server-using-oauth-and-entra-id/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">damienbod.com/2025/09/23/imple</span><span class="invisible">ment-a-secure-mcp-server-using-oauth-and-entra-id/</span></a></p><p><a href="https://mastodon.social/tags/aspnetcore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>aspnetcore</span></a> <a href="https://mastodon.social/tags/dotnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dotnet</span></a> <a href="https://mastodon.social/tags/mcp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mcp</span></a> <a href="https://mastodon.social/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth</span></a> <a href="https://mastodon.social/tags/openidconnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>openidconnect</span></a> <a href="https://mastodon.social/tags/oidc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oidc</span></a> <a href="https://mastodon.social/tags/openai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>openai</span></a> <a href="https://mastodon.social/tags/llm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>llm</span></a> <a href="https://mastodon.social/tags/agent" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>agent</span></a> <a href="https://mastodon.social/tags/entra" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>entra</span></a> <a href="https://mastodon.social/tags/entraid" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>entraid</span></a> <a href="https://mastodon.social/tags/ai" class="mention hashtag" rel="nofollow 
noopener" target="_blank">#<span>ai</span></a></p>
|7eter l-|. l3oling 🧰<p>Have you supported open source today?<br>⭐️ Star / Follow ruby-oauth Projects: <a href="https://github.com/ruby-oauth" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/ruby-oauth</span><span class="invisible"></span></a><br>✉️ Join Official ruby-oauth Discord: <a href="https://discord.gg/3qme4XHNKN" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">discord.gg/3qme4XHNKN</span><span class="invisible"></span></a><br>🥰 Financially Support ruby-oauth FLOSS: <a href="https://opencollective.com/ruby-oauth" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">opencollective.com/ruby-oauth</span><span class="invisible"></span></a></p><p><a href="https://ruby.social/tags/Ruby" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ruby</span></a> <a href="https://ruby.social/tags/Oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Oauth</span></a> <a href="https://ruby.social/tags/Oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Oauth2</span></a> <a href="https://ruby.social/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> <a href="https://ruby.social/tags/FLOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FLOSS</span></a> <a href="https://ruby.social/tags/FLOSSFunding" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FLOSSFunding</span></a></p>
Dissent Doe :cupofcoffee:<p>"The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens.</p><p>[...]</p><p>In March, one of the threat actors breached Salesloft's GitHub repository, which contained the private source code for the company.</p><p>ShinyHunters told BleepingComputer that the threat actors used the TruffleHog security tool to scan the source code for secrets, which resulted in the finding of OAuth tokens for the Salesloft Drift and the Drift Email platforms."</p><p>Read more of Lawrence Abrams' great reporting on Bleeping Computer:<br><a href="https://www.bleepingcomputer.com/news/security/shinyhunters-claims-15-billion-salesforce-records-stolen-in-drift-hacks/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/shinyhunters-claims-15-billion-salesforce-records-stolen-in-drift-hacks/</span></a></p><p><a href="https://infosec.exchange/tags/Salesforce" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Salesforce</span></a> <a href="https://infosec.exchange/tags/Salesloft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Salesloft</span></a> <a href="https://infosec.exchange/tags/Oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Oauth</span></a> <a href="https://infosec.exchange/tags/Drift" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Drift</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/ransom" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransom</span></a> <a href="https://infosec.exchange/tags/ShinyyHunters" class="mention hashtag" rel="nofollow noopener" 
target="_blank">#<span>ShinyyHunters</span></a> <a href="https://infosec.exchange/tags/ScatteredSpider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ScatteredSpider</span></a> <a href="https://infosec.exchange/tags/LAPSUS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LAPSUS</span></a>$ <a href="https://infosec.exchange/tags/UNC6040" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UNC6040</span></a> <a href="https://infosec.exchange/tags/UNC6395" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UNC6395</span></a></p>
Hackread.com<p>New: Salesloft Drift Breach traced to GitHub compromise and stolen <a href="https://mstdn.social/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth</span></a> tokens, Mandiant confirms breach contained and Salesforce data targeted.</p><p>Read: <a href="https://hackread.com/salesloft-drift-breach-github-compromise-oauth-tokens/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/salesloft-drift-b</span><span class="invisible">reach-github-compromise-oauth-tokens/</span></a></p><p><a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mstdn.social/tags/SalesloftDrift" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SalesloftDrift</span></a> <a href="https://mstdn.social/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreach</span></a> <a href="https://mstdn.social/tags/Salesforce" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Salesforce</span></a> <a href="https://mstdn.social/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a></p>
Kushal Das :python: :tor: 🇸🇪<p>Can anyone point me to good <a href="https://toots.dgplug.org/tags/documentation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>documentation</span></a> for <a href="https://toots.dgplug.org/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth</span></a> which explains when to use personal tokens and when to use client credentials? Especially <a href="https://toots.dgplug.org/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> wise, why it is a bad idea to use shared client credentials rather than allowing users to use tokens per user. @aaronpk maybe you have something ready :)</p><p>I need to pass this information to a group of old age wise (but new in learning) developers.</p>
CyberVeille.ch<p>📢 Data leak at Palo Alto Networks via stolen OAuth tokens targeting Salesforce<br>📝 According to BleepingComputer, Palo Alto Networks has confirmed that it was the victim of a leak...<br>📖 cyberveille: <a href="https://cyberveille.ch/posts/2025-09-02-fuite-de-donnees-chez-palo-alto-networks-via-des-tokens-oauth-voles-ciblant-salesforce/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cyberveille.ch/posts/2025-09-0</span><span class="invisible">2-fuite-de-donnees-chez-palo-alto-networks-via-des-tokens-oauth-voles-ciblant-salesforce/</span></a><br>🌐 source: <a href="https://www.bleepingcomputer.com/news/security/palo-alto-networks-data-breach-exposes-customer-info-support-tickets/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/palo-alto-networks-data-breach-exposes-customer-info-support-tickets/</span></a><br><a href="https://mastobot.ping.moi/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth</span></a> <a href="https://mastobot.ping.moi/tags/Salesforce" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Salesforce</span></a> <a href="https://mastobot.ping.moi/tags/Cyberveille" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cyberveille</span></a></p>
gyptazy<p>Kanidm (written in Rust) as identity provider for <a href="https://gyptazy.com/fedi?t=proxmox" class="mention hashtag" rel="nofollow noopener" target="_blank">#Proxmox</a> with OAuth / OIDC.<br><br><a href="https://gyptazy.com/fedi?t=kanidm" class="mention hashtag" rel="nofollow noopener" target="_blank">#kanidm</a> <a href="https://gyptazy.com/fedi?t=idm" class="mention hashtag" rel="nofollow noopener" target="_blank">#idm</a> <a href="https://gyptazy.com/fedi?t=rust" class="mention hashtag" rel="nofollow noopener" target="_blank">#rust</a> <a href="https://gyptazy.com/fedi?t=proxmox" class="mention hashtag" rel="nofollow noopener" target="_blank">#proxmox</a> <a href="https://gyptazy.com/fedi?t=identitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#identitymanagement</a> <a href="https://gyptazy.com/fedi?t=opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#opensource</a> <a href="https://gyptazy.com/fedi?t=oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#oauth</a> <a href="https://gyptazy.com/fedi?t=oidc" class="mention hashtag" rel="nofollow noopener" target="_blank">#oidc</a> <a href="https://gyptazy.com/fedi?t=ldap" class="mention hashtag" rel="nofollow noopener" target="_blank">#ldap</a> <a href="https://gyptazy.com/fedi?t=authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#authentik</a> <a href="https://gyptazy.com/fedi?t=virtualization" class="mention hashtag" rel="nofollow noopener" target="_blank">#virtualization</a> <a href="https://gyptazy.com/fedi?t=howto" class="mention hashtag" rel="nofollow noopener" target="_blank">#howto</a><br><br><a href="https://gyptazy.com/blog/kanidm-with-proxmox-and-oidc-the-full-setup/" rel="nofollow noopener" target="_blank">https://gyptazy.com/blog/kanidm-with-proxmox-and-oidc-the-full-setup/</a></p>
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/Salesloft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Salesloft</span></a> breached to steal <a href="https://mastodon.thenewoil.org/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth</span></a> tokens for <a href="https://mastodon.thenewoil.org/tags/Salesforce" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Salesforce</span></a> data-theft attacks</p><p><a href="https://www.bleepingcomputer.com/news/security/salesloft-breached-to-steal-oauth-tokens-for-salesforce-data-theft-attacks/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/salesloft-breached-to-steal-oauth-tokens-for-salesforce-data-theft-attacks/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
Dissent Doe :cupofcoffee:<p><span class="h-card" translate="no"><a href="https://exquisite.social/@delighted" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>delighted</span></a></span> Well, yes.. that's the ShinyHunters/ScatteredSpider collaboration, but now they have the Salesloft Drift approach, which Google Threat Intelligence Group had tracked as UNC 6395. It looks like GITG just updated the scope of the attack today to any and all authentication tokens stored in or connected to the Drift platform</p><p><a href="https://cloud.google.com/blog/topics/threat-intelligence/data-theft-salesforce-instances-via-salesloft-drift" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cloud.google.com/blog/topics/t</span><span class="invisible">hreat-intelligence/data-theft-salesforce-instances-via-salesloft-drift</span></a></p><p><a href="https://infosec.exchange/tags/SalesloftDrift" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SalesloftDrift</span></a> <a href="https://infosec.exchange/tags/Salesforce" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Salesforce</span></a> <a href="https://infosec.exchange/tags/GITG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GITG</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth</span></a> <a href="https://infosec.exchange/tags/Tokens" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tokens</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a></p>
Hackread.com<p>Google and Mandiant alert: Threat actor <a href="https://mstdn.social/tags/UNC6395" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UNC6395</span></a> stole OAuth tokens via Salesloft Drift, bypassed MFA, and exfiltrated <a href="https://mstdn.social/tags/Salesforce" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Salesforce</span></a> data.</p><p>Read: <a href="https://hackread.com/google-unc639s-oauth-token-theft-salesforce-breach/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/google-unc639s-oa</span><span class="invisible">uth-token-theft-salesforce-breach/</span></a></p><p><a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mstdn.social/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth</span></a> <a href="https://mstdn.social/tags/SalesloftDrift" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SalesloftDrift</span></a> <a href="https://mstdn.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://mstdn.social/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Google</span></a></p>
Inautilo<p><a href="https://mastodon.social/tags/Development" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Development</span></a> <a href="https://mastodon.social/tags/Guides" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Guides</span></a><br>An illustrated guide to OAuth · How delegated access works behind the scenes <a href="https://ilo.im/166dtf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">ilo.im/166dtf</span><span class="invisible"></span></a></p><p>_____<br><a href="https://mastodon.social/tags/Authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authorization</span></a> <a href="https://mastodon.social/tags/Authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authentication</span></a> <a href="https://mastodon.social/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth</span></a> <a href="https://mastodon.social/tags/ClientServer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClientServer</span></a> <a href="https://mastodon.social/tags/ThirdParty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThirdParty</span></a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mastodon.social/tags/WebDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebDev</span></a> <a href="https://mastodon.social/tags/Frontend" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Frontend</span></a> <a href="https://mastodon.social/tags/Backend" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Backend</span></a></p>
"Musty Bits" McGee<p>Oauth working for Kubernetes authentication and authorization.</p><p>Very satisfying, if fiddly.</p><p><a href="https://eigenmagic.net/tags/HomeLab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HomeLab</span></a> <a href="https://eigenmagic.net/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kubernetes</span></a> <a href="https://eigenmagic.net/tags/k8s" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>k8s</span></a> <a href="https://eigenmagic.net/tags/Oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Oauth</span></a></p>
"Musty Bits" McGee<p>Cool blog spotto</p><p><a href="https://blog.stonegarden.dev/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">blog.stonegarden.dev/</span><span class="invisible"></span></a></p><p><a href="https://eigenmagic.net/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kubernetes</span></a> <a href="https://eigenmagic.net/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> <a href="https://eigenmagic.net/tags/Oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Oauth</span></a> <a href="https://eigenmagic.net/tags/k8s" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>k8s</span></a> <a href="https://eigenmagic.net/tags/Proxmox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Proxmox</span></a> <a href="https://eigenmagic.net/tags/Talos" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Talos</span></a> <a href="https://eigenmagic.net/tags/TalosLinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TalosLinux</span></a> <a href="https://eigenmagic.net/tags/ArgoCD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ArgoCD</span></a></p>
Threat Insight<p>In a new technical blog, Proofpoint threat researchers detailed their observations of threat actors impersonating well-known enterprises with fake <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> <a href="https://infosec.exchange/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth</span></a> applications that redirect to malicious URLs, enabling credential phishing. <br> <br>See our blog for full campaign details and impersonation examples. We also included tips on how to defend against hybrid (email and cloud) threats. <a href="https://www.proofpoint.com/us/blog/threat-insight/microsoft-oauth-app-impersonation-campaign-leads-mfa-phishing" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">proofpoint.com/us/blog/threat-</span><span class="invisible">insight/microsoft-oauth-app-impersonation-campaign-leads-mfa-phishing</span></a></p>
Third spruce tree on the left<p>When you get the option to `Sign in with Google/Microsoft/Facebook` you're really using <a href="https://mas.to/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth</span></a>. Aside from those platforms knowing what you're doing everywhere all the time, there are compelling reasons for both 3rd party services and users. (not many, but a few). </p><p>But if you DO link your <a href="https://mas.to/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> / <a href="https://mas.to/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Google</span></a> / <a href="https://mas.to/tags/Facebook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Facebook</span></a> account to some other service, there's never any way to UNLINK it, and that's just lazy cowardly product management, $0.02. Oh and it's deliberate.</p><p><a href="https://awadwatt.com/tezoatlipoca/poor-software-product-management-chronicles-e-auth-i-auth-oauth-fuck-off" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">awadwatt.com/tezoatlipoca/poor</span><span class="invisible">-software-product-management-chronicles-e-auth-i-auth-oauth-fuck-off</span></a></p>