"Flaws in the implementation of the Open Authorization (OAuth) standard ... could have allowed attackers to take over hundreds of millions of user accounts" (Grammarly / Vidio / Bukalapak)

https://www.darkreading.com/remote-workforce/oauth-log-in-full-account-takeover-millions