oauth
Safeguard articles tagged "oauth" — guides, analysis, and best practices for software supply chain and application security.
21 articles
Microsoft Midnight Blizzard Source Code Theft 2024
Midnight Blizzard moved from email exfiltration to Microsoft source code repositories. The pivot from stolen OAuth tokens to code access is the supply chain lesson.
Heroku OAuth Token Leak Postmortem and Lessons
A retrospective on the Heroku OAuth token incident, what the public timeline revealed about supply chain trust assumptions, and the durable lessons for platform teams.
How to authorize and scope permissions for autonomous AI ...
A practical, step-by-step guide to AI agent authorization: scoping permissions, using OAuth for machine identities, and verifying least-privilege boundaries hold in production.
Salesloft Drift OAuth Breach: 700+ Salesforce Tenants Compromised
UNC6395 stole Salesloft Drift OAuth tokens to exfiltrate Salesforce data from more than 700 organisations including Cloudflare, Zscaler, and Palo Alto Networks in August 2025.
MCP 2025-06-18: OAuth Resource Server Rules Defenders Must Understand
The June 2025 MCP spec made every server an OAuth 2.1 resource server, mandated RFC 8707 resource indicators, and added elicitation. Here is what changes for blue teams.
What Is OAuth
OAuth lets one app access your data in another without ever seeing your password. Learn how delegated access works, what tokens and scopes do, and why it matters.
OAuth Token Security Throughout the Lifecycle
OAuth tokens grant access to APIs, services, and user data. Their security across creation, storage, use, and revocation determines your application risk posture.
GitHub OAuth Token Theft: The Heroku and Travis CI Breach
Attackers stole OAuth tokens from Heroku and Travis CI to access private GitHub repositories across dozens of organizations, including npm itself. The full scope of the breach took weeks to unravel.
Heroku and GitHub OAuth Token Theft: The Early Warning Signs
Stolen OAuth tokens from Heroku's integration with GitHub gave attackers access to private repositories across dozens of organizations. The breach revealed systemic weaknesses in third-party OAuth integrations.