WeLiveSecurity

Facebook: No evidence attackers used stolen access tokens on third-party sites

Facebook has announced that it found no evidence that attackers had used stolen account access tokens on other websites or apps that enable users to access their accounts using Facebook Login. This ...
glamsham.com

Hackers stole customer access tokens from Okta’s support unit, admits firm

Identity and access company Okta has identified “adversarial activity” that leveraged access to a stolen credential to access Okta’s support case management system. The threat actor was able to view ...
Threat Post

Leaky Access Tokens Exposed Amazon Photos of Users

Hackers with Amazon users’ authentication tokens could’ve stolen or encrypted personal photos and documents. The Amazon Photos app for Android insufficiently protected user access tokens, according to ...