Post #8890

🚨 9 days ago, a compromised OAuth token resulted in a breach at Vercel. This is the reality facing security teams: 🥷 An infostealer hits a vendor in your SaaS ecosystem, the attacker works backwards from stolen access, and an old consent becomes the front door. 🚪 If you haven't made OAuth grant reviews a regular part of your on-going security program, you should. Here's a step-by-step guide from Nudge Security to help you → https://thn.news/oauth-checklist