Security Boulevard

OAuth User-Managed Access Protocol Overview

Deep dive into OAuth User-Managed Access (UMA) for CTOs. Learn how UMA 2.0 improves CIAM, delegated authorization, and enterprise SSO security.
Live Science

NASA's Mars Sample Return is dead, leaving China to retrieve signs of life from the Red Planet

NASA's plans for Mars sample return are effectively cancelled as part of a bill approved by the U.S. Congress, ending efforts to collect Perseverance rover samples that could contain evidence of alien ...
Bleeping Computer

ConsentFix debrief: Insights from the new OAuth phishing attack

In December, the Push Security research team discovered and blocked a brand new attack technique that we coined ConsentFix. This technique merged ClickFix-style social engineering with OAuth consent ...
gadgets360

Microsoft 365 Accounts Reportedly Breached After Hackers Exploit Legitimate Microsoft OAuth Feature

Attackers trick users into approving access on real Microsoft pages OAuth device code phishing surged sharply since September 2025 Both cybercriminals and state-linked actors reportedly use this ...
Windows Report

Beware! Hackers Are Exploiting OAuth Device Code to Scam Microsoft 365 Users

Hackers are abusing a legitimate Microsoft authentication feature to break into enterprise Microsoft 365 accounts, even when multifactor authentication is enabled. Security researchers warn that ...
Infosecurity-magazine.com

OAuth Device Code Phishing Campaigns Surge Targets Microsoft 365

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...
The Lancet

Effective sample size for individual risk predictions: quantifying uncertainty in machine learning models

Copyright: © 2025 The Author(s). Published by Elsevier Ltd. Individual prediction uncertainty is a key aspect of clinical prediction model performance; however ...
Vogue

Are Sample Sales Good for Brands?

The amount of noise The Row’s annual sample sale generated last weekend was perhaps antithetical to the brand’s ultimate quiet luxury status. But what else could be expected? The brand’s legions of ...
Dark Reading

OAuth Abuse: The Threat of Illicit Consent Grants

Picture this: You invite a new friend over with the expectation of enjoying some time together and getting to know them better. But, instead of sitting quietly on your sofa, they rush off and start ...
Cloud Security Alliance

The Salesloft Drift OAuth Supply-Chain Attack: Cross-Industry Lessons in Third-Party Access Visibility

The August 2025 Salesloft Drift breach demonstrates a systemic security blind spot across all industries: third-party delegated access through OAuth integrations. Over 700 organizations — including ...
marktechpost

Understanding OAuth 2.1 for MCP (Model Context Protocol) Servers: Discovery, Authorization, and Access Phases

OAuth 2.1 is the officially mandated authorization standard in the Model Context Protocol (MCP) specifications. According to the official documentation, authorization servers must implement OAuth 2.1 ...