The Hacker News

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets

While some of the campaigns have been found to leverage the technique to deliver malware, others send users to pages hosted on phishing frameworks such as EvilProxy, which act as an ...

Phish of the day: Microsoft OAuth scams abuse redirects for malware delivery

Crims hope for payday from malicious payloads rather than stealing access tokens Microsoft has warned organizations about ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.

4Chan knew about Jeffrey Epstein's death 38 minutes before the rest of the world. The FBI tried to figure out how.

The Epstein files address a long-running side plot of Jeffrey Epstein's 2019 death while in jail on sex-trafficking charges.
XDA Developers on MSN

If you're leaving Discord, make sure to use this plugin before deleting your account

Better safe than sorry ...
The Hacker News

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

APT28 exploited CVE-2026-21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code.

Microsoft: Hackers abuse OAuth error flows to spread malware

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages.

APT37 hackers use new malware to breach air-gapped networks

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.

When Chatbots Are Used to Plan Violence, Is There a Duty to Warn?

People are revealing sensitive personal information to A.I. chatbots — including plans to commit violent acts.