Day: February 25, 2026

Microsoft has warned about a phishing campaign that primarily targets government and public-sector organizations by abusing the redirection feature in OAuth authentication. OAuth is widely used to allow users to log in to websites or applications using existing accounts without sharing their passwords. In this campaign, attackers exploit the legitimate redirect function within the OAuth […]