Find hidden malicious OAuth apps in Microsoft 365 using Cazadora

Malicious OAuth apps can hide inside Microsoft 365 tenants. Huntress Labs' Cazadora script helps uncover rogue apps before ...

New CoPhish attack steals OAuth tokens via Copilot Studio agents

A new phishing technique dubbed 'CoPhish' weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent ...

CoPhish Attack Exploits Copilot Studio Agents to Steal Microsoft OAuth Tokens

A newly identified phishing technique known as “CoPhish” exploits Microsoft Copilot Studio agents to deliver deceptive OAuth ...
GitHub

OpenAI ChatGPT OAuth Plugin for opencode

This tool uses OpenAI's official OAuth authentication (the same method as OpenAI's official Codex CLI). However, users are responsible for ensuring their usage complies with OpenAI's terms. Commercial ...