GitHub

OpenAI ChatGPT OAuth Plugin for opencode

This tool uses OpenAI's official OAuth authentication (the same method as OpenAI's official Codex CLI). However, users are responsible for ensuring their usage complies with OpenAI's terms. Commercial ...

Find hidden malicious OAuth apps in Microsoft 365 using Cazadora

Malicious OAuth apps can hide inside Microsoft 365 tenants. Huntress Labs' Cazadora script helps uncover rogue apps before ...
GitHub

Single sign-on (SSO)

Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems. SSO supporters place emphasis on it ...
The Hacker News

SaaS Breaches Start with Tokens - What Security Teams Must Watch

Token theft is a leading cause of SaaS breaches. Discover why OAuth and API tokens are often overlooked and how security teams can strengthen token hygiene to prevent attacks. Most companies in 2025 ...
Cloud Security Alliance

When OAuth Tokens Go Rogue: Lessons from the Salesloft–Drift Breach

In August 2025, attackers exploited the Salesloft-Drift OAuth integration to compromise over 700 organizations’ Salesforce instances. This wasn’t a direct vulnerability in Salesforce, but rather an ...