Post by Wiz

Would you click "Accept"? 🤔 Wiz Research just uncovered multiple malicious Azure OAuth campaigns hiding in plain sight, fake apps impersonating tools like DocuSign and Adobe to gain long-term access with a single click. No passwords stolen. No MFA bypass. Just consent. So we built OAuth Apps Scout, an automated detection pipeline that analyzes app metadata, reply URLs, publisher context, permissions, and even uses AI to reason across signals. Result? Malicious OAuth apps identified across 20+ organizations. 🔎 Attackers are getting stealthier. GOOD NEWS: They still leave signals. Full research is live >> https://lnkd.in/d48UMBuQ