Microsoft is warning of a widespread credential phishing campaign that leverages open redirector links in email communications as a vector to trick users into visiting malicious websites while effectively bypassing security software.
“Attackers combine these links with social engineering baits that impersonate well-known productivity tools and services to lure users into clicking,” Microsoft 365
Source: Google Hacker News