Hosted on MSN

Winter '26 SAML Changes Break Your SSO: How to Fix It Before the Deadline

SAML has been the backbone of enterprise Single Sign-On for over a decade, but its XML-based complexity often hides critical vulnerabilities until a major platform update strikes. As Salesforce and ...
Statetechmagazine

SAML: How It Works and How to Implement It

Nathan Eddy works as an independent filmmaker and journalist based in Berlin, specializing in architecture, business technology and healthcare IT. He is a graduate of Northwestern University’s Medill ...
CSOonline

SAML authentication broken almost beyond repair

Black Hat Europe 2025: Multiple hacking techniques allow researchers to bypass XML signature validation while still presenting valid SAML documentation to an application. Researchers have uncovered ...
Bleeping Computer

GitLab patches critical authentication bypass vulnerabilities

GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE), fixing nine vulnerabilities, among which two critical severity ruby-saml library authentication bypass flaws.
Bleeping Computer

Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps

A new technique called "Golden SAML" lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication ...
Dark Reading

SolarWinds Campaign Focuses Attention on 'Golden SAML' Attack Vector

The recently disclosed compromise at SolarWinds and the subsequent targeting of numerous other organizations have focused attention on a dangerous Active Directory Federation Services (ADFS) bypass ...
BizTech

Understanding SAML: How It Works and How to Implement It

Nathan Eddy works as an independent filmmaker and journalist based in Berlin, specializing in architecture, business technology and healthcare IT. He is a graduate of Northwestern University’s Medill ...