#oauth-abuse

Information security
from The Hacker News
1 week ago

Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails

Agentic browser access to Gmail and Google Drive can be triggered by natural-language emails to delete entire Google Drive contents without user confirmation.
Information security
from InfoWorld
3 months ago

A wake-up call for identity security in devops

OAuth app permissions often lack centralized visibility and governance, enabling attackers to abuse authorized tokens to access code, secrets, and pivot across infrastructure.