Application-based attacks that use the passwordless log in with feature common to cloud services are on the rise. Microsoft is warning that attackers are ramping up applications that exploit OAuth 2.0. OAuth is an open standard for access delegation, commonly used as a way for people to sign into services without entering a password using signed-in status on another, trusted service or website. Users can protect themselves by ensuring that whatever app they re signing into is actually legitimate.
Source: https://threatpost.com/microsoft-warns-oauth-attacks-cloud-app/157331/