The LevelBlue SpiderLabs team identified phishing emails in January 2026 that use Microsoft Application Registration Redirect URI’s to abuse trust relationships and bypass spam filters to redirect users to phishing websites.