Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...
Security Boulevard

Attackers abuse OAuth’s built-in redirects to launch phishing and malware attacks

Researchers have found that attackers are abusing OAuth to send users from legitimate Microsoft or Google login pages to phishing sites or malware downloads.
GIGAZINE

How does 'OAuth 2.0' used to give access permission on SNS etc. work?

In account authentication, there are multiple factors such as the account owner and services that provide accounts such as Facebook and Spotify. In OAuth, the following four types of roles called ...