Cloud Security Alliance

When OAuth Tokens Go Rogue: Lessons from the Salesloft–Drift Breach

A look at the Salesloft-Drift OAuth breach, how token misuse bypassed MFA, and steps to strengthen SSPM and ITDR in SaaS ...
GitHub

Codex CLI: Support any Azure OpenAI-compatible endpoint (custom DNS, Bearer & api-key auth, OAuth/refresh token support; parity with standard Python SDKs)

Codex CLI currently recognizes Azure OpenAI endpoints only if their hostname contains select hardcoded Azure substrings, and only supports api-key authentication. This ignores enterprise-standard ...
GitHub

Linear OAuth2 API fails with 503 error

I am trying to authorize the linear oauth client with actor permissions. However, once I authorize the app in the pop up, it redirects me to https://**-app.n8n.cloud ...