News

The Hacker News1d
PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse
Hackers bypass FIDO keys using spoofed portals and QR codes, exposing MFA weaknesses and risking user accounts.
CSO Online1d
PoisonSeed outsmarts FIDO keys without touching them
The novel technique exploits the cross-device sign-in option on FIDO to create an authenticated session controlled by ...
How-To Geek on MSN2d
Don't Scan That QR Code Yet, Do This First and Thank Me Later
Regular QR scanners just decode the code and send you to whatever link is behind it, no questions asked. Secure QR scanners, ...
Hackers can bypass FIDO MFA keys, putting your accounts at risk - here's what we know
A phishing campaign spotted trying to work around FIDO keys The "cross-device sign in" feature triggers a QR code Crooks can relay the QR code to bypass MFA and log in Hackers have found a way to ...