On March 2, 2026, Microsoft published an advisory on OAuth redirection abuse enabling phishing and malware delivery. Attackers register OAuth apps with malicious redirect URIs, then trick users into authenticating through legitimate Microsoft login โฆ
