Experimental News Clipping Site

Tag: OAuth

  • The Register: Supply chain attack hits Chrome extensions, could expose millions

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/22/supply_chain_attack_chrome_extension/ Source: The Register Title: Supply chain attack hits Chrome extensions, could expose millions Feedly Summary: Threat actor exploited phishing and OAuth abuse to inject malicious code Cybersecurity outfit Sekoia is warning Chrome users of a supply chain attack targeting browser extension developers that has potentially impacted hundreds of thousands of individuals already.……

  • Hacker News: Show HN: Graceful token refresh for open source OAuth2 Server Ory Hydra

    by

    Kurt Seifried
    in

    Source URL: https://github.com/ory/hydra/releases/tag/v2.3.0 Source: Hacker News Title: Show HN: Graceful token refresh for open source OAuth2 Server Ory Hydra Feedly Summary: Comments AI Summary and Description: Yes Summary: The release of Ory Hydra 2.3.0 introduces significant enhancements to token refresh processes and compliance measures with OpenID Connect standards, marking an important update for security measures…

  • Hacker News: A New type of web hacking technique: DoubleClickjacking

    by

    Kurt Seifried
    in

    Source URL: https://www.paulosyibelo.com/2024/12/doubleclickjacking-what.html Source: Hacker News Title: A New type of web hacking technique: DoubleClickjacking Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text introduces the concept of “DoubleClickjacking,” a sophisticated web vulnerability that builds upon traditional clickjacking techniques by exploiting event timing between double clicks. This novel approach allows attackers to bypass…

  • Slashdot: Dead Google Apps Domains Can Be Compromised By New Owners

    by

    Kurt Seifried
    in

    Source URL: https://it.slashdot.org/story/25/01/15/2031225/dead-google-apps-domains-can-be-compromised-by-new-owners?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Dead Google Apps Domains Can Be Compromised By New Owners Feedly Summary: AI Summary and Description: Yes Summary: The text highlights a critical security vulnerability regarding the improper management of Google Workspace accounts by defunct startups, leading to potential unauthorized access to sensitive information once the domains are resold.…

  • The Register: Telemetry data from 800K VW Group EVs exposed online

    by

    system automation
    in

    Source URL: https://www.theregister.com/2025/01/06/volkswagen_ev_data_exposed/ Source: The Register Title: Telemetry data from 800K VW Group EVs exposed online Feedly Summary: PLUS: DoJ bans data sale to enemy nations; Do Kwon extradited to US; Tenable CEO passes away; and more Infosec in Brief Welcome to 2025: hopefully you enjoyed a pleasant holiday season and returned to the security…

  • Simon Willison’s Weblog: Quoting Colin Fraser

    by

    system automation
    in

    Source URL: https://simonwillison.net/2025/Jan/4/colin-fraser/#atom-everything Source: Simon Willison’s Weblog Title: Quoting Colin Fraser Feedly Summary: Claude is not a real guy. Claude is a character in the stories that an LLM has been programmed to write. Just to give it a distinct name, let’s call the LLM “the Shoggoth". When you have a conversation with Claude, what’s…

  • MCP Server Cloud – The Model Context Protocol Server Directory: MCP Google Calendar Server – MCP Server Integration

    by

    system automation
    in

    Source URL: https://mcpserver.cloud/server/mcp-google-calendar-server Source: MCP Server Cloud – The Model Context Protocol Server Directory Title: MCP Google Calendar Server – MCP Server Integration Feedly Summary: AI Summary and Description: Yes Summary: The provided text outlines the implementation of a Model Context Protocol (MCP) server that integrates with AI assistants like Claude to facilitate the creation…