Checkmk: Highly risky cross-site scripting flaw in network monitoring software

The developers have released updated Checkmk versions. They close a at least highly risky cross-site scripting vulnerability.
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.