Hackers are exploiting OAuth loophole for persistent access - and resetting your password won't save you

Cybercriminals have increasingly used cloud account takeover (ATO) tactics in recent years - as it allows them to hijack ...

Find hidden malicious OAuth apps in Microsoft 365 using Cazadora

Malicious OAuth apps can hide inside Microsoft 365 tenants. Huntress Labs' Cazadora script helps uncover rogue apps before ...
Bleeping Computer

Coinbase phishing hijacks Microsoft 365 accounts via OAuth app

A new phishing campaign uses a Coinbase-themed email to install an Office 365 consent app that gives attackers access to a victim's email. Over the past year, hackers have increasingly used Microsoft ...