Google OAuth Client is vulnerable to token validation bypass. The function IdTokenVerifier validate any token with custom payload as valid token if the token is properly signed.Read More ...

Continue Reading

May 30, 2022

This Metasploit module exploits CVE-2022-22954, an unauthenticated server-side template injection (SSTI) vulnerability in VMware Workspace ONE Access, to execute shell commands as the horizon user.Rea ...

Continue Reading

May 30, 2022

Found **ssl-oauth[.]com** in [RST Threat Feed](https://rstcloud...Read More ...

Continue Reading

May 30, 2022

Spring Security OAuth (spring-security-oauth2) provided by VMware, Inc. contains a denial-of-service vulnerability due to uncontrolled resource consumption ([CWE-400]()). Note that Spring Security OAu ...

Continue Reading

May 30, 2022

[![Google's OAuth Client Library for Java](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjALy9QMXTUv6ySyu_gytORGXUFbFnfcP5yvZm5Q_Kh3izl6dVLvh3ErdT7eMropcP3J1HII1l5Ugb9f29fbOB2ExRE5EcKbo68O ...

Continue Reading

May 30, 2022

A security researcher has [disclosed]() how he chained together multiple bugs in order to take over Facebook accounts that were linked to a Gmail account. Youssef Sammouda states it was possible to ta ...

Continue Reading

May 30, 2022

_This blog post is part of the Microsoft Intelligent Security Association _[_guest blog series_]()_. _[_Learn more about MISA_]()_._ The acceleration of cloud journeys fueled by the pandemic and ever- ...

Continue Reading

May 30, 2022

_This blog post is part of the Microsoft Intelligent Security Association _[_guest blog series_]()_. _[_Learn more about MISA_]()_._ The acceleration of cloud journeys fueled by the pandemic and ever- ...

Continue Reading

May 30, 2022