Hackers Using Fake CircleCI Notifications to Hack GitHub Accounts

CVE-2022-39230

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

Hackers Using Malicious OAuth Apps to Take Over Email Servers

Ubuntu 22.04 LTS : OAuthLib vulnerability (USN-5632-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5632-1 advisory. - OAuthLib is an implementation of the OAuth request-signing lo ...

Security Bulletin: Spring Security OAuth Affects IBM Partner Engagement Manager (CVE-2022-22969)

Summary: IBM Sterling Partner Engagement Manager uses Spring Security OAuth that is vulnerable to a denial of service, caused by initiation of the Authorization Request in an OAuth 2.0 Client applic ...


CVSS3 - MEDIUM

CVSS2 - MEDIUM

Malicious OAuth applications used to compromise email servers and spread spam

Microsoft researchers recently investigated an attack where malicious OAuth applications were deployed on compromised cloud tenants and then used to control Exchange servers and spread spam. The inves ...

fhir-works-on-aws-authz-smart handles permissions improperly

Impact: This issue allows a client of the API to retrieve more information than the client’s OAuth scope permits when making “search-type” requests. This issue would not allow a client to retrie ...
