Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

Phish of the day: Microsoft OAuth scams abuse redirects for malware delivery

Crims hope for payday from malicious payloads rather than stealing access tokens Microsoft has warned organizations about ...
The Hacker News

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets

While some of the campaigns have been found to leverage the technique to deliver malware, others send users to pages hosted ...
InfoWorld

Angular releases patches for SSR security issues

Server-side rendering vulnerabilities could allow attackers to steal authorization headers or perpetrate phishing and SEO ...
Dark Reading

Indian APT 'Sloppy Lemming' Targets Defense, Critical Infrastructure

India-nexus cyber threat actors are growing more active and sophisticated, using custom tools coded in Rust and cloud-based ...
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 ...
Security Boulevard

Invisible Threats: Source Code Exfiltration in Google Antigravity

Source Code Exfiltration in Google Antigravity‍TL;DR: We explored a known issue in Google Antigravity where attackers can ...

The Giant Cottonmouth That Broke Records Near the North Carolina Border

Snakes vary in size, from the tiny size of the Barbados thread snake to the massive reticulated python. Sizes also vary ...
Security Boulevard

Microsoft’s February Security Update of High-Risk Vulnerability Notice for Multiple Products

Overview On February 11, 2026, NSFOCUS CERT monitored Microsoft’s release of its February security update patches, addressing 59 security issues across widely used products such as Windows, Azure, ...