Skip to main content

Tag: identity spoofing

2 articles

Brightly-lit server room with rows of humming servers and a lone technician inspecting a rack, hinting at potential…

Cyber-attackers Exploit OAuth Client ID Spoofing in Cloud Environments

Cyber-attackers are increasingly using OAuth Client ID spoofing to infiltrate cloud environments, with multiple campaigns emerging, each with unique tools and infrastructure. This technique allows attackers to cleverly abuse Microsoft Entra ID by mimicking legitimate authentication requests.

Analyst 207
Masked figure in hoodie sits before laptop with Git repository, surrounded by distorted identity symbols.

AI Code Reviewer Vulnerable to Git Identity Spoofing

Imagine a security system that can be tricked into trusting a foe as a friend with just two lines of code - that's what happened with Anthropic's AI code reviewer, Claude, which was vulnerable to Git identity spoofing. This simple hack allowed researchers to forge a trusted developer's identity and get hostile code approved in no time.

Analyst 207