Researchers have found that attackers are abusing OAuth to send users from legitimate Microsoft or Google login pages to phishing sites or malware downloads.

The post Attackers abuse OAuth’s built-in redirects to launch phishing and malware attacks appeared first on Security Boulevard.