Secure Planet Training Courses Updated For 2019 - Click Here

There are new available articles, click to refresh the page.

Yesterday — June 23^rd 2025Your RSS feeds

/r/netsec - Information Security News & Discussion
What secures LLMs calling APIs via MCP? A stack of OAuth specs—here’s how they fit together
June 23^rd 2025 at 14:55

What secures LLMs calling APIs via MCP? A stack of OAuth specs—here’s how they fit together

By: ／u／Smooth-Loquat-4954

Model Context Protocol is quickly becoming the default way for LLMs to call out to tools and APIs—but from a security standpoint, it’s been a little hand-wavy. This post fixes that.

It shows how five OAuth specs—including dynamic client registration and protected resource metadata—combine to form a secure, auditable, standards-based auth flow for MCP.

submitted by /u/Smooth-Loquat-4954
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
June 23^rd 2025 at 14:55

Before yesterdayYour RSS feeds

/r/netsec - Information Security News & Discussion
SAMLStorm: Critical Authentication Bypass in xml-crypto and Node.js libraries
March 17^th 2025 at 13:33

SAMLStorm: Critical Authentication Bypass in xml-crypto and Node.js libraries

By: ／u／Smooth-Loquat-4954

submitted by /u/Smooth-Loquat-4954
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
March 17^th 2025 at 13:33

/r/netsec - Information Security News & Discussion
Ruby SAML CVE-2024-45409: As bad as it gets and hiding in plain sight
November 13^th 2024 at 03:38

Ruby SAML CVE-2024-45409: As bad as it gets and hiding in plain sight

By: ／u／Smooth-Loquat-4954

submitted by /u/Smooth-Loquat-4954
[link] [comments]

🏷️ My labels
- ❌
Article tags
- ❌
- r/netsec
November 13^th 2024 at 03:38