The Next Web

Twitter developers be aware of OAuth API changes!

We recently asked all Twitter third party app developers to get rid of asking for user credentials and kindly switch to delegated authentication based on the open OAuth protocol. Today we want to ...
Dark Reading

OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover

Critical API security flaws have put millions of users at risk for account takeover, by using a modern authentication standard to resurrect a longtime vulnerability. The bugs were found in the Hotjar ...
Ars Technica

OAuth and OAuth WRAP: defeating the password anti-pattern

The developers behind the OAuth protocol have developed a new variant called OAuth WRAP that is simpler and easier to implement. It’s a stop-gap solution that will enable broader OAuth adoption while ...