Microsoft: Hackers abuse OAuth error flows to spread malware

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take ...
ZDNet

Microsoft is changing the way you sign in - and it could be a security nightmare

Those of you who use a Microsoft account to sign in to Microsoft websites should be aware of an upcoming change that could put your security at risk. In a recent update to a support page on using a ...
Fox News

How fake Microsoft alerts trick you into phishing scams

A phishing scam posing as a Microsoft security alert is targeting users with emails that claim an alert has been triggered on their account. The link appears safe at first glance, often pointing to a ...
Microsoft

Detecting and analyzing prompt abuse in AI tools

Hidden instructions in content can subtly bias AI, and our scenario shows how prompt injection works, highlighting the need for oversight and a structured response playbook.
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...
Forbes

Critical 10/10 Microsoft Cloud Security Vulnerability Confirmed

Update, May 11, 2025: This story, originally published May 9, has been updated with more details on the move towards greater cloud Common Vulnerabilities and Exposures (CVE) transparency by both ...