Novel OAuth Client ID Spoofing Technique Targets Cloud Environments
New research reveals cyber-attackers can spoof OAuth Client IDs in Microsoft Entra ID, creating a stealthy path into cloud environments
Stay secure online with the latest on authentication techniques, best practices, and industry updates at the forefront of information security.
Search across headline titles and summaries.
Background for this topic.
Authentication confirms the identity of users or systems before granting access to resources, typically using factors like passwords (knowledge), hardware tokens (possession), or biometrics (inherence). It establishes trust boundaries that prevent unauthorized entities from impersonating legitimate users or devices within networks and applications.
Weak authentication enables attackers to perform account takeover, privilege escalation, or lateral movement by exploiting stolen credentials, phishing, or replay attacks. Deploying multi-factor authentication (MFA) with independent factors significantly reduces these risks. Secure credential storage, regular rotation, and monitoring authentication logs for anomalies are critical defenses to detect and block unauthorized access attempts early in the attack chain.
Weekly headline count for the current query.
New research reveals cyber-attackers can spoof OAuth Client IDs in Microsoft Entra ID, creating a stealthy path into cloud environments
At least four cybersecurity firms confirmed they have been affected by a breach of business intelligence platform Klue via Salesforce integration
Critical phpBB authentication bypass lets attackers hijack any account with one request
The Kali365 phishing-as-a-service platform lowers the barrier of entry for cybercriminals, said the FBI
The infostealer payload in this campaign collect a vast amount of data, from collaboration authentication keys to cryptocurrency wallets
Critical nginx-ui MCP authentication bypass CVE-2026-33032 actively exploited with CVSS 9.8
The critical vulnerability affecting both cloud and self-hosted n8n instances requires no authentication or even n8n account to be exploited
A newly discovered vulnerability in authentication platform n8n could allow threat actors to take control of n8n servers
Threat actor “Zestix” was able to breach around 50 firms using infostealers because they lacked multi-factor authentication
A surge in phishing attacks exploiting Microsoft’s OAuth device code flow has been identified by Proofpoint
Flaw in Base44 allowed unauthorized access to private apps, bypassing authentication systems
Cognizant handed over a password to the cybercriminal without asking any authentication questions
A new wave of phishing attacks exploiting Microsoft 365 OAuth tools has been observed impersonating diplomats to steal access codes
A flaw in OneDrive File Picker has exposed millions to data overreach through excessive OAuth permissions
The unpatched vulnerabilities, with a CVSS score of 8.6 to 10.0, can lead to remote code execution via authentication bypass
A critical authentication bypass flaw in CrushFTP is under active exploitation following a mishandled disclosure process
Volexity highlighted how Russian nation-state actors are stealing Microsoft device authentication codes to compromise accounts
Microsoft confirmed an outage of its multi-factor authentication system impacting access to Microsoft 365, causing login failures and service disruption
DoubleClickjacking bypasses X-Frame-Options and SameSite cookies in double-click sequences, exposing UI authentication flaws
The multi-cloud data warehousing platform said it will completely phase out single factor authentication with passwords by November 2025