Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Hackers Are Exploiting OAuth Loophole for Persistent Access - and Resetting Your Password Won't Save You

Summary by Tech Radar
These fully automated attacks let hackers retain serious access to OAuth apps.

9 Articles

Tech RadarTech Radar
Center

Hackers are exploiting OAuth loophole for persistent access - and resetting your password won't save you

These fully automated attacks let hackers retain serious access to OAuth apps.

·United Kingdom
Read Full Article
Help Net SecurityHelp Net Security

Attackers turn trusted OAuth apps into cloud backdoors

Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain unnoticed for quite some time and allow attackers to maintain access to high-privileged accounts even after passwords are reset or multifactor authentication (MFA) is enforced. What is OAuth and how do attackers exploit it? OAuth is an authorization protocol that lets apps conn…

Read Full Article
Global Security Mag OnlineGlobal Security Mag Online
Reposted by
Global Security Mag OnlineGlobal Security Mag Online

Oauth Applications Hijacked as Permanent Backdoors in the Cloud - Proofpoint Search

Proofpoint's cybersecurity researchers have recently discovered an increasingly common cybercriminal tactic of using OAuth applications to maintain long-term access to cloud environments. This technique allows us to maintain access even after resetting identifiers or setting up multifactorial authentication (MFA). In their analysis, Proofpoint researchers demonstrate how these malicious applications can bypass traditional defenses and how this a…

Read Full Article
SecurityBrief AustraliaSecurityBrief Australia
+2 Reposted by 2 other sources

Weaponised OAuth apps allow persistent access to cloud accounts

Proofpoint reveals how weaponised OAuth apps enable hackers to maintain cloud access despite password resets and MFA, threatening persistent account takeover.

Read Full Article
GBHackers On SecurityGBHackers On Security
Reposted by
IT Security News - cybersecurity, infosecurity newsIT Security News - cybersecurity, infosecurity news

Hackers Exploit OAuth Apps to Keep Cloud Access Even After Password Resets

Cloud account takeover attacks have evolved beyond simple credential theft. Cybercriminals are now exploiting OAuth applications to maintain persistent access to compromised environments, bypassing traditional security measures like password resets and multifactor authentication. Cloud account takeover (ATO) attacks have become a significant concern in recent years, with cybercriminals and state-sponsored actors increasingly adopting malicious O…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

GBHackers On Security broke the news in on Wednesday, October 22, 2025.
Sources are mostly out of (0)

Similar News Topics

Apps icon

Apps

News
For You
SearchBlindspotLocal