Security Boulevard

When MFA Fails Quietly: Inside the Rise of AiTM Phishing Attacks

Multi-factor authentication has long been treated as a security finish line. Once enabled, organizations assume that account ...
Bleeping Computer

New downgrade attack can bypass FIDO auth in Microsoft Entra ID

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and ...
Bleeping Computer

Threat actors try to downgrade FIDO2 MFA auth in PoisonSeed phishing attack

Update 7/25:25: Expel researchers have recanted their story, stating that while the the threat actors are attempting to use a phishing attacks to bypass FIDO authentication, the Cross-Device ...