OAuth - API Security Blog

RST Threat feed. IOC: https://suncoast-auth.dns05.com/auth.php?oauth

Found **https://suncoast-auth[.]dns05.com/auth.php?oauth** in [...Read More ...

30 мая, 2022

CVE report published for Spring Security OAuth

We have released Spring Security OAuth 2.5.2 to address the following CVE report. * [CVE-2022-22969: Denial-of-Service (DoS) in spring-security-oauth2]() This vulnerability exposes OAuth 2.0 Client ...

30 мая, 2022

GitLab 7.7.x < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 CSRF

According to its self-reported version, the instance of GitLab running on the remote web server is 7.7.x prior to 14.4.5, 14.5.0 prior to 14.5.3, or 14.6.0 prior to 14.6.2. It is, therefore, affected ...

30 мая, 2022

GitHub Notifies Victims Whose Private Data Was Accessed Using OAuth Tokens

[![GitHub](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjxX2jD8VVilJjQZkcsQwvoW0ZvAYbtJTCbmXDltSql9D4lPJW4bUlaSg9BnGka9yPYv829y-vn5ks9eFbNR9NaZd9WiHUEDQLsczRpWMDIz2fOCNxh-f8tAD_BfMy2zIiFu ...

30 мая, 2022

O365-Doppelganger – A Quick Handy Script To Harvest Credentials Off Of A User During A Red Team And Get Execution Of A File From The User

[![](https://blogger.googleusercontent.com/img/a/AVvXsEjnu3bza5lczEWmdNm_mbRAmPz8iZzGLMzZeSZO3SLYXCqAC4_K3KKvkNMCRRERCxacnPbhVv8qsCmNtWSmnlvW1OWWAUf2KSZqK918RFZHtHKT7tJ_TUJj37GhbBxX09oeKrilNNluGpFsKub ...

30 мая, 2022

(RHSA-2022:1420) Important: OpenShift Container Platform 3.11.685 security and bug fix update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages ...

30 мая, 2022

Zepp 6.1.4-play User Account Enumeration

Post ContentRead More ...

30 мая, 2022

Zepp 6.1.4-play User Account Enumeration Vulnerability

Post ContentRead More ...

30 мая, 2022