Threat Post

Open Redirect Flaw Snags Amex, Snapchat User Data

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims. Attackers are exploiting a well-known open redirect flaw to phish people’s ...
Infosecurity-magazine.com

Hackers Exploit Open Redirect Vulnerabilities to Conduct LogoKit Phishing Campaigns

Threat actors (TA) leveraged Open Redirect Vulnerabilities in online services and apps to bypass spam filters and deliver phishing content, according to new data from cybersecurity researchers ...
InfoWorld

Angular releases patches for SSR security issues

Server-side rendering vulnerabilities could allow attackers to steal authorization headers or perpetrate phishing and SEO hacking.
SiliconANGLE

Open redirect vulnerabilities exploited in ‘cat-phishing’ attacks, HP warns

A new report released today by HP Inc. is warning that cybercriminals are using “cat-phishing” techniques to deceive victims by redirecting them to malicious websites through seemingly legitimate ...
Bleeping Computer

Snapchat, Amex sites abused in Microsoft 365 phishing attacks

Attackers abused open redirects on the websites of Snapchat and American Express in a series of phishing attacks to steal Microsoft 365 credentials. Open redirects are web app weaknesses that allow ...
The Hacker News

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets

While some of the campaigns have been found to leverage the technique to deliver malware, others send users to pages hosted on phishing frameworks such as EvilProxy, which act as an ...