CSOonline

Booking.com account takeover flaw shows possible pitfalls in OAuth implementations

Booking.com, one of the world’s largest online travel agencies, recently patched a vulnerability in its implementation of the OAuth protocol that could have allowed attackers to gain access to ...
Threat Post

Critical Holes in OAuth, OpenID Could Leak Information, Redirect Users

A serious vulnerability in both the OAuth and OpenID protocols could lead to complications for those who use the services to login to websites like Facebook, Google, LinkedIn, Yahoo, Microsoft, PayPal ...