The Hacker News

ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More

ThreatsDay: OAuth abuse, Signal hijacks, Zombie ZIP evasion, Teams malware, AI hack, RondoDox botnet, and more cyber stories.
CSO Online

OAuth vulnerability in n8n automation platform could lead to system compromise

A weakness in the configuration of OAuth credentials opens up a stored XSS vulnerability in the n8n automation platform, ...
The Hacker News

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Malicious Packagist Laravel packages install a cross-platform RAT enabling remote shell access and system reconnaissance via C2 server.

Microsoft: Hackers abuse OAuth error flows to spread malware

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take ...

OAuth phishers make ‘check where the link points’ advice ineffective

Microsoft has identified a phishing campaign using malformed links to legitimate OAuth services to redirect to malware ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...
GitHub

Godot OAuth 2.0 Plugin

A Godot plugin that provides a unified GDScript interface for OAuth 2.0 authentication flows on Android and iOS. It supports popular OAuth providers via presets (Google, Apple, GitHub, Discord, Auth0) ...
IEEE

sTrade 2.0: Efficient Mutual Authentication Scheme for Energy Trading in V2G Using Physically Unclonable Function

Abstract: This article presents a mutual authentication scheme for vehicle-to-grid (V2G) using physical unclonable functions (PUFs). Various security challenges exist during the transfer of ...
Houston Chronicle

Texans are 7th team to make playoffs after starting 0-3. How the first 6 fared

Next week, the Houston Texans will begin the playoffs as part of a rare group in NFL history. This season's Texans are just the seventh team since 1980 to overcome a 0-3 start to make the playoffs, ...
IEEE

A Smart Contract-Based Authentication Scheme for Securing Metaverse Environment in Web 3.0

Abstract: The Metaverse has evolved into a transformative ecosystem, merging virtual and physical realities with consumer electronics and IoT to enable immersive experiences. However, vulnerabilities ...