Select Website Language

English

हिंदी

తెలుగు

Login

Don't have an account? Register Now

Create Account

I agree to the Terms of Use.

Already have an account? Login

Reset password

Remember your password? Log in

Terms and conditions

Terms and Conditions

These terms and conditions apply to the News National app (hereby referred to as "Application") for mobile devices that was created by (hereby referred to as "Service Provider") as an Ad Supported service.

Upon downloading or utilizing the Application, you are automatically agreeing to the following terms. It is strongly advised that you thoroughly read and understand these terms prior to using the Application. Unauthorized copying or modification of the Application, any part of the Application, or our trademarks is strictly prohibited. Any attempts to extract the source code, translate the Application into other languages, or create derivative versions are not permitted. All intellectual property rights remain the property of the Service Provider.

The Service Provider is dedicated to ensuring the Application is as beneficial and efficient as possible. They reserve the right to modify the Application or charge for services at any time and for any reason. Any such charges will be clearly communicated.

The Application stores and processes personal data provided by you. You are responsible for maintaining the security of your device and access to the Application. Jailbreaking or rooting your device is strongly discouraged as it may compromise security and application performance.

Third-Party Services

The Application uses third-party services that have their own Terms and Conditions. Refer to the following links:

Google Play Services
AdMob
Google Analytics for Firebase
Firebase Crashlytics

Limitations and Responsibilities

Some Application functions require an internet connection (Wi-Fi or mobile data). The Service Provider is not responsible if the Application does not function fully due to lack of access or depleted data. If using the Application outside a Wi-Fi area, you accept responsibility for any charges incurred, including roaming fees. If you are not the bill payer, it is assumed you have obtained permission.

It is your responsibility to keep your device charged. The Service Provider is not responsible if the device is unavailable due to a drained battery.

While the Service Provider strives to keep the Application updated and accurate, they rely on third-party data and do not accept liability for losses caused by reliance on Application functionality.

Updates and Termination

The Application may be updated to remain compatible with the operating system. You agree to install updates as offered. The Service Provider may discontinue the Application at any time without notice. Upon termination:

Rights and licenses granted to you will end.
You must stop using the Application and delete it from your device.

Changes to These Terms and Conditions

The Service Provider may update these Terms and Conditions periodically. Please review this page regularly. Changes will be posted on this page.

Effective Date: 2025-07-23

Contact Us

If you have questions or suggestions about the Terms and Conditions, contact the Service Provider at:
📧 info@news-national.com

Do you agree to our terms? Sign up

Microsoft Flags New OAuth-Based Phishing Attack Targeting Public Sector

ABP LIve

1 hour ago

1

0 👍 ❤️ 😂 😮 😢 😡

A new phishing campaign has been discovered that uses a clever trick inside the OAuth login system. Security researchers from Microsoft Defender say attackers are abusing the normal redirection feature of OAuth to send users to malicious websites. Unlike traditional phishing attacks that try to steal passwords or tokens directly, this method works differently. It triggers an error in the authentication process, so the system automatically redirects the victim’s browser.

The campaign mainly targets government and public-sector organisations. Because the links use trusted identity provider domains, many security filters fail to detect the attack easily.

New OAuth Phishing Attack Uses Redirect Trick

This new OAuth phishing attack works by abusing the normal error-handling process defined in the OAuth standard. Attackers first register fake applications inside their own cloud tenants. They then configure redirect links that lead to domains they control.

Phishing emails are sent with special OAuth authorisation links. These links target the Microsoft Entra ID login endpoint and include parameters designed to break the login process. For example, attackers request an invalid permission, so the authentication attempt fails.

When the request fails, the identity system automatically redirects the browser to the attacker’s registered redirect link. Since this redirect is part of normal OAuth behaviour, many email and browser security systems do not block it.

Five-Stage Phishing Attack Chain Explained

Researchers say the campaign follows a five-stage phishing attack chain. First, attackers send phishing emails related to e-signatures, financial documents, or meeting invites. Automated tools help them send large numbers of messages.

Second, clicking the link triggers a silent OAuth check. The link may also contain the victim’s encoded email address.

Third, the authentication request fails, and the system redirects the user to the attacker’s website. Fourth, victims may be taken to phishing pages or prompted to download malicious ZIP files.

Finally, malware can run PowerShell commands, collect system information, and connect to attacker-controlled servers.

Click here to Read More

Toxic release delayed to 2026: Yash cites Middle East tensions; fans say move helps both films

Silver Prices Climb Amid US-Iran Tensions (Mar 4), Check 1 Gram And 1 Kg Rates In Major Cities Across India

Related Technology Updates:

The Art of Baking: From Classic Bread to Artisan Pastries

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Hacker News

0 0

38 minutes ago

APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2

Hacker News

0 0

2 hours ago

Nothing Phone (4a) Spotted At MWC With New Colours Ahead Of March 5 Launch

ABP LIve

0 1

2 hours ago

iPhone 17 Pro Now Nearly Rs 20,000 Cheaper: Check How Buyers Can Unlock This Offer

ABP LIve

0 2

3 hours ago

Israeli Air Force F-35 Shoots Down Iranian Jet Over Tehran

Stock Market March 4 Highlights: Sensex, Nifty Crash, Rupee Hits Records Low

'Pakistan should've done something': Karthik slams England duo

To Invest Or Not To Invest: Should You Buy The Dip or Wait Out Oil Shock?

'Pakistan should've done something': Karthik slams England duo

Jim Carrey’s publicist confirms he attended 2026 César Awards

Kajol posts a hilarious birthday wish for Tanishaa Mukerji

Ex-Pakistan captain who beat India in 2017 CT final in line to become head coach

La Liga: Real Madrid lose again as FC Barcelona widen gap at top of table

La Liga: Real Madrid lose again as FC Barcelona get gap at top of table

Ligue 1: Marseille get comeback win against Lyon and close in on podium

Ligue 1: OM get comeback win against OL and close in on podium

Trump Says US Will Ensure Free Flow Of Energy, Orders Maritime Insurance Amid Hormuz Crisis

ABP Live Doc Talk | Holi Hair Damage Is Real: Know How Colours Affect Scalp Health And Cause Hair Fall

Israel-Iran Conflict Disrupts Flights: IndiGo, Air India, And SpiceJet Face Capacity And Profit Hit

Sri Lanka Navy Rescues 30 Iranian Sailors From Sinking Frigate Off Galle

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Escape with these 7 Travel Creators

Celebrating 7 Creators for Hispanic Heritage Month

10 Asian American Creators You’ll Want to Follow

November search trends sports and fitness creators should be fall-ing for

Qatar Airways extends flight suspension amid continued airspace closure

UAE residents return home on 3 exceptional Etihad Rail trains from Saudi border

Dubai Airport issues warning over fabricated, digitally altered videos circulating online

Iran Made Secret Outreach After Strikes, Highlighting Trump’s Challenge

Microsoft Flags New OAuth-Based Phishing Attack Targeting Public Sector

ABP LIve

1 hour ago

1

0

👍 ❤️ 😂 😮 😢 😡

New OAuth Phishing Attack Uses Redirect Trick

Five-Stage Phishing Attack Chain Explained

Toxic release delayed to 2026: Yash cites Middle East tensions; fans say move helps both films

Silver Prices Climb Amid US-Iran Tensions (Mar 4), Check 1 Gram And 1 Kg Rates In Major Cities Across India

Comments (0)

Leave a comment

Search

Language Settings

Select Website Language

Login

Create Account

Reset password

Terms and conditions

GDPR Compliance

News National

Microsoft Flags New OAuth-Based Phishing Attack Targeting Public Sector

ABP LIve 1 hour ago

1

0

New OAuth Phishing Attack Uses Redirect Trick

Five-Stage Phishing Attack Chain Explained

Toxic release delayed to 2026: Yash cites Middle East tensions; fans say move helps both films

Silver Prices Climb Amid US-Iran Tensions (Mar 4), Check 1 Gram And 1 Kg Rates In Major Cities Across India

Related Technology Updates:

Comments (0)

Leave a comment

ABP LIve

1 hour ago