ZDNet

Google updates OAuth incremental authorization

Google has simplified the OAuth authorization process for users who give a third-party app access to Google apps such as Docs and Drive. The update, though minor, makes it possible for users to ...
Threat Post

Google Adding Security Checks to Non-OAuth 2.0 Compliant Apps

Google announced it will add additional security checks to log-in attempts from applications or devices that do not support OAuth 2.0. Google announced today that in the coming months it will be more ...
TechCrunch

Google Brings OAuth 2.0 Support To Gmail And Google Talk To Make Third-Party Apps More Secure

Virtually all of Google’s APIs currently support OAuth 2.0, a framework for allowing third-party apps limited access to your data from other services, as their standard authentication mechanism.
Dark Reading

Attackers Abuse Google OAuth Endpoint to Hijack User Sessions

Attackers have been exploiting an undocumented Google OAuth endpoint to hijack user sessions and allow continuous access to Google services, even after a password reset. A threat actor called "Prisma" ...
TechSpot

Google OAuth secrets exposed as account-hijacking MultiLogin vulnerability discovered

Facepalm: OAuth is an open standard designed to share account information with third-party services, providing users with a simple way to access apps and websites. Google, one of the companies ...
PC World

Google Docs phishing attack underscores OAuth security risks

Google has stopped Wednesday’s clever email phishing scheme, but the attack may very well make a comeback. One security researcher has already managed to replicate it, even as Google is trying to ...
Hosted on MSN

Scammers are now abusing Google OAuth to send phishing emails

Summary: A new scam has come into light, where scammers are sending out phishing emails to targets by abusing the Google OAuth app. Such an email comes from a legit-looking “[email protected]” ...