security: OAuth redirection abuse enables phishing and malware delivery

Microsoft reports attackers abusing OAuth redirect behavior to move users from legitimate sign-in pages to attacker-controlled sites, enabling phishing and malware delivery via trusted authentication flows.

• Source: Microsoft Security Blog