Security Boulevard

The DocuSign Email That Wasn’t – A Three-Redirect Credential Harvest

TL;DR Attackers sent a convincing DocuSign notification with a "Review & Sign" button that chained through Google Maps redirects to an Amazon S3-hosted credential harvesting page. The redirect chain ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...