What’s behind the OpenClaw ban wave

Using OAuth credentials to connect the viral AI tool OpenClaw to your flat-rate Claude or Gemini account could get you banned ...
Security Boulevard

OpenClaw Security Risk: OAuth and SaaS Identity

OpenClaw runs locally, but the risk lives in SaaS. Learn how OAuth tokens, API access, and AI agents create identity-based exposure across platforms.
WinBuzzer

Anthropic Bans Claude Subscription OAuth in Third-Party Apps

Anthropic has officially banned using Claude subscription OAuth in third-party tools, forcing developers to switch to API ...
CSOonline

Twitter OAuth feature can be abused to hijack accounts, researcher says

The callback feature in Twitter's OAuth implementation can be abused, a researcher said at Hack in the Box A feature in the Twitter API (application programming interface) can be abused by ...
Bleeping Computer

OAuth risks: How to identify, investigate, and mitigate them

We’re now all too familiar with the ubiquitous “Sign in with Google” button we encounter all over the internet. For most of us, it has become the go-to “easy button” for managing the sprawling set of ...
CSO Online

New phishing campaign tricks employees into bypassing Microsoft 365 MFA

Unwitting employees register a hacker’s device to their account; the crook then uses the resulting OAuth tokens to maintain persistent access.
Dark Reading

OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover

Critical API security flaws have put millions of users at risk for account takeover, by using a modern authentication standard to resurrect a longtime vulnerability. The bugs were found in the Hotjar ...