Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

Microsoft: Hackers abuse OAuth error flows to spread malware

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take ...
Yahoo

Microsoft 365 Email Scam Spreads Worldwide—Don’t Fall for It

New phishing tool targets Microsoft 365 accounts. 76 percent of attacks detected in the US since August. Phishing emails redirect through a system of fake links. A phishing platform called Quantum ...
The Hacker News

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets

While some of the campaigns have been found to leverage the technique to deliver malware, others send users to pages hosted on phishing frameworks such as EvilProxy, which act as an ...