Legacy OAuth as Attack Infrastructure: LSHIY's ROPC Spray and the MFA Bypass Built Into the Protocol
A coordinated password spray campaign exploited the deprecated OAuth Resource Owner Password Credentials (ROPC) flow to bypass MFA and Conditional Access across 64 organizations, while a CVSS 10.0 RMM auth bypass hit its federal remediation deadline today with payloads already targeting cloud and AI API keys.