TechCrunch

OAuthpocalypse Tomorrow: Twitter Ending Basic Auth Support At 8 AM PT

A couple weeks ago, we noted the start of the “OAuthpocalypse” — that is, Twitter’s move to make all developers use OAuth rather than basic authentication for their third-party apps. Twitter expected ...
Threat Post

Twitter OAuth API Keys Leaked

The OAuth keys and secrets that official Twitter applications use to access users’ Twitter accounts have been leaked in a post to Github this morning. The OAuth keys and secrets that official Twitter ...
CSO Online

OAuth token compromise hits Salesforce ecosystem again, Gainsight impacted

Attackers leveraged stolen secrets to hijack integrations and access customer data, highlighting the need for enterprises to audit connected apps and enforce token hygiene.
Ars Technica

Compromising Twitter’s OAuth security system

Twitter officially disabled Basic authentication this week, the final step in the company’s transition to mandatory OAuth authentication. Sadly, Twitter’s extremely poor implementation of the OAuth ...
CSOonline

What is OAuth? How the open authorization framework works

Since the beginning of distributed personal computer networks, one of the toughest computer security nuts to crack has been to provide a seamless, single sign-on (SSO) access experience among multiple ...