Google's security team look at how ShinyHunters has rolled out SSO scams

Mandiant analyzed ShinyHunters' MO, detailing how it steals login and MFA codes.

ShinyHunters claim hacks of Okta, Microsoft SSO accounts for data theft

The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) ...
The Verge

Google’s login chief would rather you use Apple’s sign-in button than keep using passwords

Apple shook up the world of logins last week, offering a new single sign-on (or SSO) tool aimed at collecting and sharing as little data as possible. It was a deliberate shot at Facebook and Google, ...
ZDNet

Should you stop logging in through Google and Facebook? Consider these SSO risks vs. benefits

Many sites let you sign in with an existing login from consumer SSO providers. This approach results in a potentially risky centralization of your credentials. Passkeys allow you to compartmentalize ...