Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.
The Hacker News

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

APT28 exploited CVE-2026-21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code.
Shacknews

How to fix the 'You have not been online in 30 days' error - Diablo 2: Resurrected on Steam

Online games like Diablo 2: Resurrected are bound to have the odd connection error, but the error saying “You have not been online in 30 days” is particularly ...