Researchers have found that attackers are abusing OAuth to send users from legitimate Microsoft or Google login pages to phishing sites or malware downloads.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2026/03/attackers-abuse-oauths-built-in-redirects-to-launch-phishing-and-malware-attacks/
