OAuth Security

Security vulnerabilities, best practices, and attack vectors related to the OAuth authorization framework, including token misuse, insecure defaults, and third-party trust exploitation.

Reading List

The Vercel Breach: OAuth Vulnerabilities and the Risk of Insecure Secret Defaults

The Vercel Breach: OAuth Vulnerabilities and the Risk of Insecure Secret Defaults

Apr 21, 2026368

A long-term breach at Vercel exploited a third-party OAuth trust and insecure default settings to expose customer secrets at a platform scale.

Supply Chain Security API Key Security Cybersecurity OAuth Security CI/CD