Dark Reading

OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover

Critical API security flaws have put millions of users at risk for account takeover, by using a modern authentication standard to resurrect a longtime vulnerability. The bugs were found in the Hotjar ...
CSOonline

Warning: Threat actors now abusing Google Apps Script in phishing attacks

Threat actors have discovered a way to abuse Google Apps Scripts to sneak links to malicious websites past phishing defenses. According to new research from Cofense, a new attack has been discovered ...