OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.
Unwitting employees register a hacker’s device to their account; the crook then uses the resulting OAuth tokens to maintain persistent access.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results