The Anniston Star

Mark Edwards: In rare rebuilding year, Spring Garden's Austin ready to 'coach my brains out'

SPRING GARDEN — The Ace Austin Show has hit the road for Tuscaloosa and the University of Alabama, and the two-time Miss Basketball has left behind a changed landscape at Spring Garden High School.
The Hacker News

SaaS Breaches Start with Tokens - What Security Teams Must Watch

Token theft is a leading cause of SaaS breaches. Discover why OAuth and API tokens are often overlooked and how security teams can strengthen token hygiene to prevent attacks. Most companies in 2025 ...
Cloud Security Alliance

When OAuth Tokens Go Rogue: Lessons from the Salesloft–Drift Breach

In August 2025, attackers exploited the Salesloft-Drift OAuth integration to compromise over 700 organizations’ Salesforce instances. This wasn’t a direct vulnerability in Salesforce, but rather an ...
IEEE

Is Your OAuth Middleware Vulnerable? Evaluating Open-Source Identity Providers’ Security

Abstract: The OAuth 2.0 protocol is a widely adopted standard for online authorization. Given its widespread use, it has received substantial attention from the research community towards assessing ...
Nasdaq

Oracle Launches Java 25 With AI, Security, And Developer Productivity Enhancements

(RTTNews) - Oracle (ORCL) has released Java 25 - Oracle JDK 25, the latest version of the world's most widely used programming language and development platform. Designed to boost developer ...
The Hacker News

Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data

A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat agent.
ZDNet

Canonical's OpenJDK builds promise Java devs more speed - and a whopping 12 years of ...

With Ubuntu Pro, Canonical's OpenJDK build includes 12 years of support. 'Chiseled' builds are faster, more secure than other OpenJDK builds. Canonical is aligning Ubuntu's and OpenJDK's release ...
CSOonline

Cybercrooks faked Microsoft OAuth apps for MFA phishing

Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to get into Microsoft 365 accounts. Threat actors have cooked up a clever way ...
blockchain

GitHub Enhances Security with PKCE Support for OAuth and GitHub Apps

GitHub has introduced PKCE support for OAuth and GitHub App authentication, enhancing security by protecting authorization codes. The implementation follows OAuth 2.0 standard (RFC 7636). GitHub has ...
adtmag.com

JetBrains and Spring Deepen Kotlin Integration for Backend Development

Software toolmaker JetBrains and the Spring Team at VMware have announced a strategic collaboration to enhance support for the Kotlin programming language in Spring-based backend development. The ...
Dark Reading

OAuth Attacks Target Microsoft 365, GitHub

A trio of ongoing campaigns have highlighted once again the continued popularity among cybercriminals of malicious OAuth apps as a go-to attack method. In one wave of recent attacks, threat actors ...
Bleeping Computer

Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full ...