OAuth Security Risks: A Governance Framework for CIOs & CISOs | Cyera | Cyera Blog

This Cyera Research report highlights the growing enterprise risk from unmanaged OAuth applications, showing how attackers use malicious or impersonating OAuth apps to maintain stealthy, durable access that survives MFA and off-boarding; it presents an automated detection and reputation-scoring framework, and documents multiple real-world campaigns (including Unicode homoglyph impersonation, SANS-related malicious apps, and 2025 AiTM phishing) that exposed sensitive data at scale.