Microsoft has identified a phishing campaign using malformed links to legitimate OAuth services to redirect to malware downloads.

Omer Tsarfati and his team at security firm CyberArk are now finally able to discuss a major OAuth 2.0 vulnerability that affects Microsoft Azure web services which they have been sitting on since ...