The Silicon Review

n8n Supply Chain Attack Steals OAuth Tokens Via Nodes

A supply chain attack on n8n injected malicious community nodes to steal user OAuth tokens, highlighting critical risks in ...
CSO Online

Malicious npm packages target the n8n automation platform in a supply chain attack

Researchers discovered malicious npm packages posing as n8n integrations, exfiltrating OAuth tokens and API keys from ...
Security Boulevard

API Authentication Methods Explained: API Keys, OAuth, JWT & HMAC Compared

A deep dive comparing API Keys, OAuth 2.0, JWT, and HMAC for CTOs. Learn which api authentication method fits your enterprise SSO and IAM strategy.

Securing Identity and Data in the Age of Autonomous Threats

Crucially, detection and response must be unified across identity and data layers. An alert about unusual data access is meaningless if it is not correlated with identity risk signals. Autonomous ...

The biggest cybersecurity and cyberattack stories of 2025

Some stories, though, were more impactful or popular with our readers than others. This article explores 15 of the biggest ...
TechRadar

State actors are abusing OAuth device codes to get full M365 account access - here's what we know

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Proofpoint reports phishing surge abusing Microsoft OAuth 2.0 device code flow Victims enter ...
Infosecurity-magazine.com

OAuth Device Code Phishing Campaigns Surge Targets Microsoft 365

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...
marktechpost

Understanding OAuth 2.1 for MCP (Model Context Protocol) Servers: Discovery, Authorization, and Access Phases

OAuth 2.1 is the officially mandated authorization standard in the Model Context Protocol (MCP) specifications. According to the official documentation, authorization servers must implement OAuth 2.1 ...