Threat Post

Open Redirect Flaw Snags Amex, Snapchat User Data

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims. Attackers are exploiting a well-known open redirect flaw to phish people’s ...
CSOonline

Open redirect on Yahoo

yahoo open redirect vulnerability and reported it to yahoo 10 days ago. However, yahoo did nothing about it. The following is full disclosure. Attachment is prove of concept video. And the link below ...
Threat Post

Open Redirect Bug in Bridge Theme Plugin Opens Admins to Spearphishing

The Qode Instagram Widget and Qode Twitter Feed both have bugs that could allow redirects to malicious sites. Two open-redirect vulnerabilities in Bridge, a commercial WordPress theme purchased more ...
Dark Reading

American Express, Snapchat Open-Redirect Vulnerabilities Exploited in Phishing Scheme

Malicious actors have been taking advantage of open-redirect vulnerabilities affecting American Express and Snapchat domains to send phishing emails targeting Google Workspace and Microsoft 365 users.
Bleeping Computer

Latest Open Redirect news

More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability that allows executing a malicious plugin and account takeover. AI is ...