Security Boulevard

When Proxies Become the Attack Vectors in Web Architectures

Many Reverse proxy attack vectors expose a flawed assumption in modern web architectures that backends can blindly trust security-critical headers from upstream reverse proxies. This assumption breaks ...
The Hacker News

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Malicious Packagist Laravel packages install a cross-platform RAT enabling remote shell access and system reconnaissance via C2 server.

OAuth phishers make ‘check where the link points’ advice ineffective

Microsoft has identified a phishing campaign using malformed links to legitimate OAuth services to redirect to malware ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...
GitHub

MCP Google Sheets Server

IMPORTANT: This server requires access to your Google Drive and Google Sheets data. By using this server, you are granting the connected AI assistant the ability to: Search for Google Sheets files you ...
GitHub

Godot OAuth 2.0 Plugin

A Godot plugin that provides a unified GDScript interface for OAuth 2.0 authentication flows on Android and iOS. It supports popular OAuth providers via presets (Google, Apple, GitHub, Discord, Auth0) ...