Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take ...

Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...

While some of the campaigns have been found to leverage the technique to deliver malware, others send users to pages hosted on phishing frameworks such as EvilProxy, which act as an ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...

Microsoft has identified a phishing campaign using malformed links to legitimate OAuth services to redirect to malware ...

Crims hope for payday from malicious payloads rather than stealing access tokens Microsoft has warned organizations about ...

As Chief Information Security Officers (CISOs) and security leaders, you are tasked with safeguarding your organization in an ...

An unknown cybercriminal is using Anthropic's AI chatbot to infiltrate Mexican government networks. This follows a worrying trend.

Microsoft has warned that attackers are abusing OAuth redirects to deliver phishing and malware via Entra ID and Google Workspace logins.

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...