Threat Post

Open Redirect Flaw Snags Amex, Snapchat User Data

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims. Attackers are exploiting a well-known open redirect flaw to phish people’s ...
Infosecurity-magazine.com

Hackers Exploit Open Redirect Vulnerabilities to Conduct LogoKit Phishing Campaigns

Threat actors (TA) leveraged Open Redirect Vulnerabilities in online services and apps to bypass spam filters and deliver phishing content, according to new data from cybersecurity researchers ...
SiliconANGLE

Open redirect vulnerabilities exploited in ‘cat-phishing’ attacks, HP warns

A new report released today by HP Inc. is warning that cybercriminals are using “cat-phishing” techniques to deceive victims by redirecting them to malicious websites through seemingly legitimate ...
Bleeping Computer

Snapchat, Amex sites abused in Microsoft 365 phishing attacks

Attackers abused open redirects on the websites of Snapchat and American Express in a series of phishing attacks to steal Microsoft 365 credentials. Open redirects are web app weaknesses that allow ...
CSOonline

Booking.com account takeover flaw shows possible pitfalls in OAuth implementations

Booking.com, one of the world’s largest online travel agencies, recently patched a vulnerability in its implementation of the OAuth protocol that could have allowed attackers to gain access to ...