Yahoo Finance

Semperis Research Uncovers Ongoing Risk from nOAuth Vulnerability in Microsoft Entra ID, Affecting Enterprise SaaS Applications

nOAuth continues to go undetected by SaaS vendors, who may not even know what to look for and it is nearly impossible for enterprise customers to defend against, allowing attackers to take over ...
ITWire

iTWire - Semperis Research Uncovers Ongoing Risk from nOAuth Vulnerability in Microsoft Entra ID, Affecting Enterprise SaaS Applications

nOAuth was first disclosed in 2023 by Omer Cohen of Descope, highlighting a flaw in how some SaaS applications implement OpenID Connect. Semperis’ follow-up research focused on Entra-integrated ...