More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability that allows executing a malicious plugin and account takeover. AI is ...

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

Imagine receiving a promotional email from a business you trust, sending you a “one-time-only” offer for being a customer. Because the offer sounds too good to be true, you suspect that something ...

Spammers have recently taken advantage of an open-redirect vulnerability to phish users and trick them into clicking through links that appear to be coming from government (.gov) URLs. Spammers have ...

A new report released today by HP Inc. is warning that cybercriminals are using “cat-phishing” techniques to deceive victims by redirecting them to malicious websites through seemingly legitimate ...

yahoo open redirect vulnerability and reported it to yahoo 10 days ago. However, yahoo did nothing about it. The following is full disclosure. Attachment is prove of concept video. And the link below ...

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims. Attackers are exploiting a well-known open redirect flaw to phish people’s ...

Google and Adobe open redirects are being used by phishing campaigns in order to add legitimacy to the URLs used in the spam emails. An open redirect is an URL on a web site that can be used by anyone ...

Malicious actors have been taking advantage of open-redirect vulnerabilities affecting American Express and Snapchat domains to send phishing emails targeting Google Workspace and Microsoft 365 users.