{"id":239903,"date":"2026-05-05T07:58:00","date_gmt":"2026-05-05T11:58:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/05\/the-back-door-attackers-know-about-and-most-security-teams-still-havent-closed\/"},"modified":"2026-05-05T20:10:06","modified_gmt":"2026-05-06T00:10:06","slug":"the-back-door-attackers-know-about-and-most-security-teams-still-havent-closed","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/05\/the-back-door-attackers-know-about-and-most-security-teams-still-havent-closed\/","title":{"rendered":"The Back Door Attackers Know About \u2014 and Most Security Teams Still Haven\u2019t Closed"},"content":{"rendered":"

The Back Door Attackers Know About \u2014 and Most Security Teams Still Haven\u2019t Closed<\/a><\/p>\n

https:\/\/thehackernews.com\/2026\/05\/the-back-door-attackers-know-about-and.html<\/a><\/p>\n

Publish Date: 2026-05-05 07:58:00<\/a><\/p>\n

Source Domain: thehackernews.com<\/a><\/p>\n

Every AI tool, workflow automation, and productivity app your employees connected to Google or Microsoft this year left something behind: a persistent OAuth token with no expiration date, no automatic cleanup, and in most organizations, no one watching it. Your perimeter controls don’t see it. Your MFA doesn’t stop it. And when an attacker gets hold of one, they don’t need a password.<\/p>\n

OAuth grants don’t expire when employees leave. They don’t reset when passwords change. And in most organizations, nobody is watching them.<\/p>\n

The model made sense when a handful of IT-approved apps needed calendar access. It doesn’t hold up when every employee is independently wiring AI tools, workflow automations, and productivity apps directly into their Google or Microsoft environment \u2014 each one receiving a persistent, scoped token with no automatic expiration and no centralized visibility.<\/p>\n

That’s not a misconfiguration. It’s how OAuth is designed to work. The gap is that most security programs weren’t built to account for it at scale.<\/p>\n

CISOs know it’s a problem. Most aren’t solving it.<\/h2>\n

New research from Material Security quantifies the gap between awareness and action. 80% of security leaders consider unmanaged OAuth grants a critical or significant risk. Most have said as much for years.<\/p>\n

\"\"<\/p>\n

But awareness doesn’t translate directly into capability.\u00a0 A substantial portion of organizations (45%) are doing nothing to monitor OAuth grants at scale. Many of the rest (33%) are running manual processes \u2014 tracking grants in spreadsheets, reviewing permissions on an ad hoc basis, relying on employees to flag unusual app behavior.<\/p>\n

\"\"<\/p>\n

Spreadsheets are not a threat response capability. They’re a record of how much exposure an organization doesn’t know it has.<\/p>\n

It’s not theoreticalrisk<\/h2>\n

The argument for OAuth visibility often gets framed as employees piping sensitive information into third-party tools without IT visibility. That’s a real problem, but it’s the smaller one. The more pressing…<\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

The Back Door Attackers Know About \u2014 and Most Security Teams Still Haven\u2019t Closed https:\/\/thehackernews.com\/2026\/05\/the-back-door-attackers-know-about-and.html…<\/p>\n","protected":false},"author":1,"featured_media":239904,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhMhaEkMCxALglRWDFwTHVYgZ0KrRmAuzdwfh0zbL5Ml163rakQSv8yRVQ8yTQ4xIAtcwdqvGyVXeZXgXGNYKoyStckJv2xzjH3f1O7oICND5cWbnIBGYkSVJbpDRYHH9XqNfFQNk1qWIVwd43UuJv2vozhpndzCMS789h026IKgX1t7pgp01AtI6i9wKE\/s1600\/material.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26],"class_list":["post-239903","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/239903"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=239903"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/239903\/revisions"}],"predecessor-version":[{"id":239905,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/239903\/revisions\/239905"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/239904"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=239903"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=239903"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=239903"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}