Sharing content to Mastodon is getting easier with the addition of a universal "Share to Mastodon" button for the decentralized social media platform. Announced on Monday, the widget allows users to share content on any Mastodon server by connecting your Mastodon account and redirecting you to the server that account is on. The blog post announcing the feature also explains that the tool "works entirely in your browser: there is no tracking data, and it does not store any information on the server."
Previously, a "share" widget wasn't available on Mastodon mainly due to the technical challenges that come with the platform's decentralized d …
Microsoft observed phishing-led exploitation of OAuth’s by-design redirection mechanisms. The activity targets government and public-sector organizations and uses silent OAuth authentication flows and intentionally invalid scopes to redirect victims to attacker-controlled infrastructure without stealing tokens. Microsoft Defender flagged malicious activity across email, identity, and endpoint signals. Microsoft Entra disabled the observed OAuth applications; however, related OAuth activity persists and requires ongoing monitoring.
Microsoft Defender researchers uncovered phishing campaigns that exploit legitimate OAuth protocol functionality to manipulate URL redirection and bypass conventional phishing defenses across email and browsers. During the investigation, several malicious OAuth applications were identified and removed to mitigate the threat.
OAuth includes a legitimate feature that allows identity providers to redirect users to a specific landing page under certain conditions, typically in error scenarios or other defined flows. Attackers can abuse this native functionality by crafting URLs with popular identity providers, such as Entra ID or Google Workspace, that use manipulated parameters or associated malicious applications to redirect users to attacker-controlled landing pages. This technique enables the creation of URLs that appear benign but ultimately lead to malicious destinations.
Technical details
The attack begins with the creation of a malicious application in an actor-controlled tenant, configured with a redirect URI pointing to a malicious domain hosting malware. The attacker then distributes a phishing link prompting the target to authenticate to the malicious application.
Although the mechanics behind OAuth redirection abuse can be subtle, the operational use is straightforward. Threat actors embed crafted OAuth URLs into common phishing lures, relying on user familiarity with legitimate authentication flows to encourage interaction. To clarify the sequence, the attack is broken down into stages below, starting with delivery and the initial user interaction that triggers the redirection chain.
Stage 1: Email delivery
Several threat actors distributed phishing campaigns containing OAuth redirect URLs. The emails used e-signature requests, social security, financial, and political themes to entice recipients to engage and click the link. Indicators suggest these actors used free prebuilt mass-sending tools as well as custom solutions developed in Python and Node.js. In some cases, cloud email services and cloud-hosted virtual machines were used to distribute the messages.
Most URLs were embedded directly in the email body, but some actors placed the URL and accompanying lure inside a PDF attachment and sent the email with no body content. After the OAuth redirect, some campaigns routed users directly to a phishing page, while others introduced additional verification steps designed to bypass security controls.
We observed misuse of OAuth redirects in both phishing and malware distribution campaigns. To increase credibility, actors passed the target email address through the state parameter using various encoding techniques, allowing it to be automatically populated on the phishing page. The state parameter is intended to be randomly generated and used to correlate request and response values, but in these cases it was repurposed to carry encoded email addresses. Observed encoding methods included:
Plaintext
Hex string
Base64
Custom decoder schemes, for example mapping 11 = a, 12 = b
Once redirected away from the OAuth authentication page, users were typically sent to phishing frameworks such as EvilProxy, among others. These platforms function as attacker-in-the-middle toolkits designed to intercept credentials and session cookies. They often rely on proxy-based login interception and additional obfuscation layers such as CAPTCHA challenges or interstitial pages. At this stage, the attack resembles a conventional phishing attempt, with the added advantage of being delivered through a trusted OAuth identity provider redirect.
Several samples also included fake calendar invite (.ics) attachments or meeting-related messaging to reinforce legitimacy and encourage interaction. By combining trusted authentication URLs with collaboration-themed lures, attackers increased the likelihood of user engagement.
Lure examples
Examples of email lures observed in the phishing/malware campaign and related social engineering themes:
Document sharing and review
Social Security
Teams meeting
Password reset
Employee report lure
Stage 2: Silent OAuth Probe
All of the lures described earlier share a common technique: abuse of OAuth redirection behavior. Attackers sent victims phishing links that, when clicked, triggered an OAuth authorization flow through a combination of crafted parameters. In this section, we outline patterns observed across Microsoft and Google OAuth providers. However, this redirection technique is not limited to those platforms and can be abused with other OAuth-compliant services.
An error is triggered because an interactive login is required, but prompt=none suppresses that prompt.
Looking in detail at the URL crafted for Entra ID: at first glance it looks like a standard OAuth authorization request, but several parameters are intentionally misused. This example targets all tenants, although attackers do not need to target all tenants in their URLs.
| Parameter | Purpose | Why attackers used it |
|---|---|---|
| /common/ | Targets all tenants | Broad targeting |
| response_type=code | Full OAuth flow | Triggers auth logic |
| prompt=none | Silent authentication | No UI, no user interaction |
| scope=<invalid_scope> | Guaranteed failure | Forces error path |
This technique abuses the OAuth 2.0 authorization endpoint by using parameters such as prompt=none and an intentionally invalid scope. Rather than attempting successful authentication, the request is designed to force the identity provider to evaluate session state and Conditional Access policies without presenting a user interface.
Setting an invalid scope is one method used to trigger an error and subsequent redirect, but it is not the only mechanism observed. Errors may also occur when:
The user is not logged in
The browser session cannot be retrieved
The user is logged in, but the application lacks a service principal in the user’s tenant
By design, OAuth flows may redirect users following certain error conditions. Attackers exploit this behavior to silently probe authorization endpoints and infer the presence of active sessions or authentication enforcement. Although user interaction is still required to click the link, the redirect path leverages trusted identity provider domains to advance the attack.
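The indicators in the parameter table above and the state-parameter encodings listed under Stage 1, as an added example that is not part of Microsoft's report: a small Python checker that flags the silent-probe pattern in an authorize URL and recovers the address carried in state. The identity-provider hosts, the approved redirect host, the known-scope list and the extension of the "11 = a, 12 = b" substitution table beyond the two values the report gives are all assumptions.

```python
"""Added example (not the report's code): flag authorize URLs that show the silent-probe
indicators from the parameter table above and recover an address smuggled via state."""
import base64
import re
from urllib.parse import parse_qs, urlparse

IDP_HOSTS = {"login.microsoftonline.com", "accounts.google.com"}  # assumption; extend per IdP
TRUSTED_REDIRECT_HOSTS = {"app.contoso.example"}  # your approved app hosts (constructed)
KNOWN_SCOPES = {"openid", "profile", "email", "offline_access", "user.read"}  # plausible names
EMAIL_RE = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")
# Two-digit substitution table. The report gives only "11 = a, 12 = b"; extending it to
# digits, "@" and "." is an assumption so that a whole address can be carried.
_CUSTOM = {11 + i: chr(97 + i) for i in range(26)} | {37 + i: str(i) for i in range(10)}
_CUSTOM |= {47: "@", 48: "."}

def _decode_custom(value):
    """Decode a digit string two characters at a time with the substitution table."""
    if len(value) % 2 or not value.isdigit():
        raise ValueError("not a two-digit code string")
    return "".join(_CUSTOM[int(value[i:i + 2])] for i in range(0, len(value), 2))

def decode_state(state):
    """Try the encodings the report lists, in order; return (method, address) for the
    first that yields an e-mail address, or None if none does."""
    decoders = [
        ("plaintext", lambda s: s),
        ("hex", lambda s: bytes.fromhex(s).decode("utf-8")),
        ("base64", lambda s: base64.b64decode(s + "=" * (-len(s) % 4)).decode("utf-8")),
        ("custom", _decode_custom),
    ]
    for name, decode in decoders:
        try:
            out = decode(state)
        except (ValueError, KeyError, UnicodeDecodeError):  # binascii.Error is a ValueError
            continue  # not this encoding; try the next one
        if EMAIL_RE.fullmatch(out):
            return name, out
    return None

def analyze_authorize_url(url):
    """Return the silent-probe indicators present in an IdP authorize URL (empty = nothing odd)."""
    parts = urlparse(url)
    if parts.netloc.lower() not in IDP_HOSTS:
        return []  # not an IdP authorize request, so the pattern does not apply
    q = {k: v[0] for k, v in parse_qs(parts.query).items()}
    findings = []
    if "/common/" in parts.path:
        findings.append("multi-tenant /common/ endpoint (broad targeting)")
    if q.get("prompt") == "none":
        findings.append("prompt=none (silent authentication, no UI)")
    odd = [s for s in q.get("scope", "").split() if s.lower() not in KNOWN_SCOPES and "://" not in s]
    if odd:
        findings.append(f"unrecognised scope(s) {odd}, likely chosen to force the error path")
    redirect_host = urlparse(q.get("redirect_uri", "")).netloc.lower()
    if redirect_host and redirect_host not in TRUSTED_REDIRECT_HOSTS:
        findings.append(f"redirect_uri host {redirect_host} is not an approved app host")
    decoded = decode_state(q.get("state", ""))
    if decoded:
        findings.append(f"state carries an address ({decoded[0]}): {decoded[1]}")
    return findings

SAMPLE_PROBE_URL = (  # constructed: the Entra ID probe pattern with a hex-encoded state
    "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=PLACEHOLDER-CLIENT-ID"
    "&response_type=code&redirect_uri=https%3A%2F%2Fattacker.example%2Fsecurity%2F"
    "&scope=invalid&prompt=none&state=75736572406578616d706c652e636f6d"
)
SAMPLE_BENIGN_URL = (  # constructed: an ordinary tenant-scoped request from an approved app
    "https://login.microsoftonline.com/contoso.example/oauth2/v2.0/authorize?client_id=PLACEHOLDER-CLIENT-ID"
    "&response_type=code&redirect_uri=https%3A%2F%2Fapp.contoso.example%2Fcallback"
    "&scope=openid%20profile%20User.Read&state=f3a9c1"
)
```

The same decode_state routine applies to the state value that survives into the post-error redirect URL shown under Stage 3.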
Stage 3: OAuth Error Redirect
When silent authentication fails, Microsoft Entra ID returns an OAuth error and redirects the browser to the attacker’s registered redirect URI, along with additional error parameters. The examples below show attacker-controlled phishing pages reached after the OAuth redirection.
Example of URL after error redirection from Microsoft OAuth
https://<attacker-domain>/security/?state=<encoded user email>&error_subtype=access_denied&error=interaction_required
Example of URL after error redirection from Google OAuth
What this really means:
Interactive authentication is required: Microsoft Entra ID prompts the user to sign in or complete multifactor authentication.
Session information cannot be reused for silent single sign-on: A session may exist, but it cannot be leveraged silently.
From the attacker’s perspective, this information is useful. It confirms that the user account exists and that silent SSO is blocked, meaning interactive authentication is required.
The attacker does not obtain the user’s access token, as the sign-in fails with error code 65001, indicating the user has not granted the application permission to access the resource. However, the primary objective of this campaign is to redirect the target to a malicious landing page, where follow-on activity such as downloading a malicious file may occur. By hosting the payload on an application redirect URI under their control, attackers can quickly rotate or change redirected domains when security filters block them.
Stage 4: Redirect Abuse and Malware Delivery
Among the threat actors and campaigns abusing OAuth redirection techniques with various landing pages, we identified a specific campaign that attempted to deliver a malicious payload. That activity is described in more detail below.
After redirection, victims were sent to a /download/XXXX path, where a ZIP file was automatically downloaded to the target device.
Observed payloads included ZIP archives containing LNK shortcut files and HTML smuggling loaders.
At this stage, the activity transitions from identity reconnaissance to endpoint compromise.
Stage 5: Endpoint Impact and Persistence
Extraction of the ZIP archive confirmed PowerShell execution, DLL side-loading, and pre-ransom or hands-on-keyboard activity.
The ZIP file downloaded from the malicious redirect contained a malicious .LNK shortcut file that, when opened, executed a PowerShell command. The script initiated host reconnaissance by running discovery commands such as ipconfig /all and tasklist. Following this discovery phase, PowerShell used the tar utility to extract steam_monitor.exe, crashhandler.dll, and crashlog.dat.
PowerShell then launched the legitimate steam_monitor.exe, which was leveraged to side-load the malicious crashhandler.dll. That DLL decrypted crashlog.dat and executed the final payload in memory, ultimately establishing an outbound connection to an external C2 endpoint.
Attack chain.
Mitigation and protection guidance
To reduce risk, organizations should closely govern OAuth applications by limiting user consent, regularly reviewing application permissions, and removing unused or overprivileged apps. Combined with identity protection, Conditional Access policies, and cross-domain detection across email, identity, and endpoint, these measures help prevent trusted authentication flows from being misused for phishing or malware delivery.
The activity described in this report highlights a class of identity-based threats that abuse OAuth’s standard, by-design behavior rather than exploiting software vulnerabilities or stealing credentials. OAuth specifications, including RFC 6749, define how authorization errors are handled through redirects, and RFC 9700 documents security lessons learned from years of real-world deployment. RFC 9700 Section 4.11.2 (“Authorization Server as Open Redirector”) notes that attackers can deliberately trigger OAuth errors, such as by using invalid parameters like scope or prompt=none, to force silent error redirects. Although this behavior is standards compliant, adversaries can abuse it to redirect users through trusted authorization endpoints to attacker-controlled destinations, enabling phishing or malware delivery without successful authentication.
These campaigns demonstrate that this abuse is operational, not theoretical. Malicious but standards-compliant applications can misuse legitimate error-handling flows to redirect users from trusted identity providers to attacker-controlled infrastructure. As organizations strengthen defenses against credential theft and MFA bypass, attackers increasingly target trust relationships and protocol behavior instead. These findings reinforce the need for cross-domain XDR detections, clearer governance around OAuth redirection behavior, and continued collaboration across the security community to reduce abuse while preserving the interoperability that OAuth enables.
Advanced hunting queries
Microsoft Defender XDR customers can run the following queries to find related activity in their networks:
Identify URL click events associated with invalid OAuth scope parameter
UrlClickEvents
| where ActionType == "ClickAllowed" or IsClickedThrough == true
| where isnotempty(Url)
| where Url startswith "https://" or Url startswith "http://"
| where Url has "scope=invalid" or UrlChain has "scope=invalid"
Identify URL click launched browser with invalid OAuth scope parameter
DeviceEvents
| where ActionType == "BrowserLaunchedToOpenUrl"
| where isnotempty(RemoteUrl)
| where RemoteUrl startswith "https://" or RemoteUrl startswith "http://"
| where RemoteUrl has "scope=invalid"
Identify downloaded payload after OAuth redirect URL
DeviceFileEvents
| where FileOriginReferrerUrl has_all ("login.", ".com")
| where FileOriginUrl has "error=consent_required"
Identify execution of PowerShell command
DeviceProcessEvents
| where FileName in~ ("powershell.exe", "powershell_ise.exe")
| where ProcessCommandLine has_all (".zip", "Get-ChildItem", ".fullname", "::OpenRead", ".Length;", ".Read(", "byte[]", "Sleep", "TaR")
Identify usage of DLL side-loading
DeviceImageLoadEvents
| where InitiatingProcessFileName =~ "steam_monitor.exe"
| where FileName =~ "crashhandler.dll"
| extend path = tostring(parse_path(FolderPath).DirectoryPath)
| where path =~ InitiatingProcessFolderPath
| where not(path has_any (@"\Windows\System32", @"\Windows\SysWOW64", @"\winsxs\", @"\program files"))
Microsoft Defender for Endpoint
The following Microsoft Defender for Endpoint alerts may indicate activity related to this threat. Note, however, that these alerts can also be triggered by unrelated threat activity:
Possible initial access from an emerging threat
Suspicious connection blocked by network protection
An executable file loaded an unexpected DLL file
Hands-on-keyboard attack disruption via context signals
Silent OAuth probe followed by malware delivery attempt
Microsoft Defender Antivirus
Microsoft Defender Antivirus detects components of this threat as the following:
Trojan:Win32/Malgent
Trojan:Win32/Korplug
Trojan:Win32/Znyonm
Trojan:Win32/GreedyRobin.B!dha
Trojan:Win32/WinLNK
Trojan:Win32/Sonbokli
Microsoft Defender for Office 365
Email messages containing malicious file removed after delivery
Email messages containing malicious URL removed after delivery
Email messages from a campaign removed after delivery
Threat response recommendations
Block known IOCs (IPs, domains, file hashes) across security tools. Microsoft Client Ids (associated with threat actor’s OAuth Apps):
This research is provided by Microsoft Defender Security Research with contributions from Jonathan Armer, Fernando Dantes, Sagar Patil, Bharat Vaghela, Krithika Ramakrishnan, Sean Reynolds, and Shivas Raina.
Learn more
Review our documentation to learn more about our real-time protection capabilities and see how to enable them within your organization.
This past week, I’ve been deep in the trenches helping customers transform their businesses through AI-DLC (AI-Driven Lifecycle) workshops. Throughout 2026, I’ve had the privilege of facilitating these sessions for numerous customers, guiding them through a structured framework that helps organizations identify, prioritize, and implement AI use cases that deliver measurable business value.
AI-DLC is a methodology that takes companies from AI experimentation to production-ready solutions by aligning technical capabilities with business outcomes. If you’re interested in learning more, check out this blog post that dives deeper into the framework, or watch as Riya Dani teaches me all about AI-DLC on our recent GenAI Developer Hour livestream!
Now, let’s get into this week’s AWS news…
OpenAI and Amazon announced a multi-year strategic partnership to accelerate AI innovation for enterprises, startups, and end consumers around the world. Amazon will invest $50 billion in OpenAI, starting with an initial $15 billion investment and followed by another $35 billion in the coming months when certain conditions are met. AWS and OpenAI are co-creating a Stateful Runtime Environment powered by OpenAI models, available through Amazon Bedrock, which allows developers to keep context, remember prior work, work across software tools and data sources, and access compute.
AWS will serve as the exclusive third-party cloud distribution provider for OpenAI Frontier, enabling organizations to build, deploy, and manage teams of AI agents. OpenAI and AWS are expanding their existing $38 billion multi-year agreement by $100 billion over 8 years, with OpenAI committing to consume approximately 2 gigawatts of Trainium capacity, spanning both Trainium3 and next-generation Trainium4 chips.
Last week’s launches
Here are some launches and updates from this past week that caught my attention:
AWS Security Hub Extended offers full-stack enterprise security with curated partner solutions — AWS launched Security Hub Extended, a plan that simplifies procurement, deployment, and integration of full-stack enterprise security solutions including 7AI, Britive, CrowdStrike, Cyera, Island, Noma, Okta, Oligo, Opti, Proofpoint, SailPoint, Splunk, Upwind, and Zscaler. With AWS as the seller of record, customers benefit from pre-negotiated pay-as-you-go pricing, a single bill, no long-term commitments, unified security operations within Security Hub, and unified Level 1 support for AWS Enterprise Support customers.
Transform live video for mobile audiences with AWS Elemental Inference — AWS launched Elemental Inference, a fully managed AI service that automatically transforms live and on-demand video for mobile and social platforms in real time. The service uses AI-powered cropping to create vertical formats optimized for TikTok, Instagram Reels, and YouTube Shorts, and automatically extracts highlight clips with 6-10 second latency. Beta testing showed large media companies achieved 34% or more savings on AI-powered live video workflows. Deep dive into the Fox Sports implementation.
MediaConvert introduces new video probe API — AWS Elemental MediaConvert introduced a free Probe API for quick metadata analysis of media files, reading header metadata to return codec specifications, pixel formats, and color space details without processing video content.
OpenAI-compatible Projects API in Amazon Bedrock — Projects API provides application-level isolation for your generative AI workloads using OpenAI-compatible APIs in the Mantle inference engine in Amazon Bedrock. You can organize and manage your AI applications with improved access control, cost tracking, and observability across your organization.
Amazon Location Service introduces LLM Context — Amazon Location launched curated AI Agent context as a Kiro power, Claude Code plugin, and agent skill in the open Agent Skills format, improving code accuracy and accelerating feature implementation for location-based capabilities.
Amazon EKS Node Monitoring Agent is now open source — The Amazon EKS Node Monitoring Agent is now open source on GitHub, allowing visibility into implementation, customization, and community contributions.
AWS AppConfig integrates with New Relic — AWS AppConfig launched integration with New Relic Workflow Automation for automated, intelligent rollbacks during feature flag deployments, reducing detection-to-remediation time from minutes to seconds.
For a full list of AWS announcements, be sure to keep an eye on the What’s New with AWS page.
Other AWS news
Here are some additional posts and resources that you might find interesting:
Introducing Strands Labs — We created Strands Labs as a separate Git organization to support experimental agentic AI projects and push the frontier of agentic development. At launch, we’re making Strands Labs available with three projects. The first is Robots, the second is Robots Sim and the third is AI Functions.
6,000 AWS accounts, three people, one platform: Lessons learned — Architecture blog post on managing massive multi-account environments. Learn how ProGlove implemented a large-scale account-per-tenant model on AWS and how that model shifts complexity from service code to platform operations.
RAG vs GraphRAG: When Agents Hallucinate Answers — This demo builds a travel booking agent with Strands Agents and compares RAG (FAISS) vs GraphRAG (Neo4j) to measure which approach reduces hallucinations when answering queries.
New output formats in AWS CLI v2 — You can now use two new features for the AWS Command Line Interface (AWS CLI) v2: structured error output and the “off” output format.
Upcoming AWS events
Check your calendar and sign up for upcoming AWS events:
AWS at NVIDIA GTC 2026 — Join us at our AWS sessions, booths, demos, and ancillary events at NVIDIA GTC 2026 on March 16 – 19, 2026 in San Jose. You can receive 20% off event passes through AWS and request a 1:1 meeting at GTC.
AWS Summits — Join AWS Summits in 2026, free in-person events where you can explore emerging cloud and AI technologies, learn best practices, and network with industry peers and experts. Upcoming Summits include Paris (April 1), London (April 22), and Bengaluru (April 23–24).
AWS Community Days — Community-led conferences where content is planned, sourced, and delivered by community leaders. Upcoming events include JAWS Days in Tokyo (March 7), Chennai (March 7), Slovakia (March 11), and Pune (March 21).
Most applications used by millions of people every single day are powered by JavaScript/TypeScript. But when it comes to AI, most learning resources and code samples assume you’re working in Python and will leave you trying to stitch scattered tutorials together to build AI into your stack.
The JavaScript AI Build-a-thon is a free, hands-on program designed to close that gap. Over the course of four weeks (March 2 – March 31, 2026), you’ll move from running AI 100% on-device (Local AI) to designing multi-service, multi-agentic systems, all in JavaScript/TypeScript and using tools you are already familiar with.
The series will culminate in a hackathon, where you will create, compete and turn what you’ll have learnt into working projects you can point to, talk about and extend.
The Build-a-thon prioritizes practical learning, so you’ll complete 2 guided projects by the end of this phase:
1. A Local Serverless AI chat with RAG
Concepts covered include:
RAG Architecture
RAG Ingestion pipeline
Query & Retrieval
Response Generation (LLM Chains)
2. A Burger Ordering AI Agent
Concepts covered include:
Designing AI Agents
Building MCP Tools (Backend API Design)
Phase II: Global Hack! (Mar 13 – 31)
Product demo series to showcase the latest product features that will accelerate your builder experience
A Global hackathon to apply what you learn into real, working AI solutions
This is where you’ll build something that matters using everything learnt in the quests, and beyond, to create an AI-powered project that solves a real problem, delights users, or pushes what’s possible.
The hackathon launches on March 13, 2026. Full details on registration, submission, judging criteria, award categories, prizes, and the hack phase schedule will be published when the hack goes live. Stay tuned!
But, here’s what we can tell you now:
6 award categories
Product demo showcases throughout the hack phase to keep you building with the latest tools
Teams of up to 4 or solo. Your call
Start Now (Join the Community)
Join our community to connect with other participants and experts from Microsoft & GitHub to support your builder journey.