Wired

Developer Quits OAuth 2.0 Spec, Calls It 'a Bad Protocol'

After three years as lead author and editor of the OAuth 2.0 specification, Eran Hammer has stepped down from his role, withdrawn his name from the spec and even quit the OAuth working group ...
Bleeping Computer

Over One Billion Android Users Susceptible to App Hijacking via OAuth 2.0 Attack

Three researchers from the Chinese University of Hong Kong discovered a flaw in how app developers and identity providers support Single-Sign-On (SSO) via the OAuth 2.0 protocol, a flaw that allows an ...