ZDNet

Covert Redirect mostly hype and certainly no Heartbleed

A researcher's contention of security flaws in OAuth and OpenID has serious flaws of its own, according to those familiar with the specifications. News of the security issues hit hard Friday claiming ...
CSOonline

Booking.com account takeover flaw shows possible pitfalls in OAuth implementations

Booking.com, one of the world’s largest online travel agencies, recently patched a vulnerability in its implementation of the OAuth protocol that could have allowed attackers to gain access to ...