OAuth phishers make ‘check where the link points’ advice ineffective

Microsoft has identified a phishing campaign using malformed links to legitimate OAuth services to redirect to malware ...
Infosecurity Magazine

Iranian Cyber Threat Actor Targets Iraqi Government Officials in AI-Powered Campaign

Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign Affairs in a new cyber-attack ...
Security Boulevard

Dust Specter APT Targets Government Officials in Iraq

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...
Cybernews

AI-driven hacking uses booking.com and Microsoft Teams in vibe coding and “flat pack” malware campaigns

AI is helping cybercriminals to rapidly assemble malware with flat-pack efficiency. It’s almost like buying a sofa from Ikea, ...

Microsoft warns of malware campaign with gaming tools

Microsoft warns of a campaign on chat platforms where attackers slip malware to victims as supposed gaming tools.

‘Pray We Make It Through the Night’: Iran’s Capital Under Siege

Many residents of Tehran managed to get out of town when the U.S. and Israel attack began, but others who could not described ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.