Critical: Phishing site detected with my session cookie redirect

Why am I getting this all of a sudden? There have been no code changes for a while. Would appreciate some guidance.

This is a critical issue for us to resolve. Will contact support also.


Sorry, a point of clarification, we’re using OktaAuth() with an authorization callback from the client. I get the error at the time of redirect.


Just saw the trust site:

I’ll be monitoring the situation.