Dark Reading

Learn SAML: The Language You Don't Know You're Already Speaking

Security Assertion Markup Language (SAML): You may have heard of it. You've likely used it at least once today to log into a website portal or enterprise application ...
Dark Reading

GitLab Warns of Max Severity Authentication Bypass Bug

Organizations with self-hosted GitLab instances configured for SAML-based authentication might want to update immediately to new versions of the DevOps platform that the company released this week.
CSOonline

SAML authentication broken almost beyond repair

Black Hat Europe 2025: Multiple hacking techniques allow researchers to bypass XML signature validation while still presenting valid SAML documentation to an application. Researchers have uncovered ...
Mobile ID World

Fortinet SSO Admin Login Flaw: New SAML Bypass CVEs Spur Multi-Product Patch Planning

While patching is positioned as the primary fix, interim risk reduction measures cited by advisories include limiting administrative interfaces to trusted networks and, where feasible, temporarily ...
CSOonline

5 best practices to secure single sign-on systems

The recent “Sign in with Apple” vulnerability earned a researcher $100,000 as a part of Apple’s bug bounty program. The flaw itself arose from an OAuth-style implementation that did not properly ...