Is 3rd Party App Access the New Executable File?

By The Hacker News

It's no secret that 3rd party apps can boost productivity, enable remote and hybrid work and are overall, essential in building and scaling a company's work processes. An innocuous process much like clicking on an attachment was in the earlier days of email, people don't think twice when connecting an app they need with their Google workspace or M365 environment, etc. Simple actions that users

Related tags
May 30^th 2022 at 12:39

The Hacker News
High-Severity Bug Reported in Google's OAuth Client Library for Java
May 19^th 2022 at 10:05

High-Severity Bug Reported in Google's OAuth Client Library for Java

By Ravie Lakshmanan

Google last month addressed a high-severity flaw in its OAuth client library for Java that could be abused by a malicious actor with a compromised token to deploy arbitrary payloads. Tracked as CVE-2021-22573, the vulnerability is rated 8.7 out of 10 for severity and relates to an authentication bypass in the library that stems from an improper verification of the cryptographic signature.

Related tags
May 19^th 2022 at 10:05