OAuth

Technology

Last mentioned: 4d ago

Timeline

Apr 1, 2001
Data Exfiltration

Sensitive data is siphoned via API calls, appearing as legitimate service-to-service traffic to bypass network security.
Mar 1, 2001
Lateral Movement

Using stolen tokens, attackers move from the compromised tool into the target's CRM, ERP, or email environment.
Feb 1, 2001
Token Harvesting

Attackers leverage existing OAuth permissions to harvest access tokens for core business systems.
Jan 1, 2001
Initial Access

Attacker compromises a low-security third-party SaaS tool via phishing or credential stuffing.

Stories mentioning OAuth 1

SaaS Supply Chain Vulnerabilities: The New Frontier for Cybercriminal Exploitation

Cybercriminals are increasingly targeting Software-as-a-Service (SaaS) supply chains, leveraging interconnected application ecosystems to bypass traditional perimeter defenses. This shift highlights a critical visibility gap in SaaS-to-SaaS (S2S) communications and OAuth permission management, turning third-party integrations into high-value attack vectors.

4d ago 2 sources