Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.

Fake Google Security site uses PWA app to steal credentials, MFA codes

A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time ...

New 'Oblivion' RAT Malware Can Silently Hijack Your Android Phone

Meet Oblivion, the new RAT malware that bypasses Android security to gain full device control: Here's how it works and how to stay safe.

Vibe coding service Lovable accused of hosting malware-ridden apps exposing thousands of users — it says they should take more care

Vibe coding platform Lovable has been accused of hosting insecure apps after security researcher Taimur Khan found one Lovable-showcased app (EdTech) to contain 16 vulnerabilities, six of which ...