根据 Oracle NetSuite 最新发布的 2026.1 Release Notes 官方路线图，平台即将对外部系统集成的身份验证机制进行重要的安全升级。作为400+客户的系统集成与咨询服务伙伴，Hitpoint Cloud始终致力于保障客户业务系统的稳定、安全运行，并持续关注平台技术与安全能力的升级变化。为帮助客户提前了解升级影响、确保业务系统持续稳定运行，Hitpoint Cloud特此 ...

New open source plugin embeds an MCP server into CrafterCMS, enabling AI agents to securely access content, APIs, and ...

PCWorld reports that Anthropic and Google are banning users who connect flat-rate Claude or Gemini accounts to OpenClaw due to excessive AI token consumption. Google DeepMind cites “malicious usage” ...

In December, the Push Security research team discovered and blocked a brand new attack technique that we coined ConsentFix. This technique merged ClickFix-style social engineering with OAuth consent ...

Hackers are abusing a legitimate Microsoft authentication feature to break into enterprise Microsoft 365 accounts, even when multifactor authentication is enabled. Security researchers warn that ...

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...

IT managers have limited visibility into when users give external apps access to company data. When those external apps are AI agents, the security risks multiply by orders of magnitude. Okta has ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Andres Almiray, a serial open-source ...

A new phishing technique dubbed 'CoPhish' weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests via legitimate and trusted Microsoft domains. The technique was ...

The August 2025 Salesloft Drift breach demonstrates a systemic security blind spot across all industries: third-party delegated access through OAuth integrations. Over 700 organizations — including ...