News

Mobile ID World21h
PoisonSeed Phishing Campaign Bypasses FIDO Keys Through QR Code Exploitation
A sophisticated phishing campaign known as PoisonSeed has emerged, targeting accounts protected by FIDO authentication keys by exploiting cross-device sign-in features. Cybersecurity firm Expel has ...
Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack
A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake ...
GovInfoSecurity3h
Hackers Exploit FIDO MFA With Novel Phishing Technique
Expel researchers have found a novel adversary-in-the-middle phishing technique used by PoisonSeed, a cybercrime group previously tied to large-scale cryptocurrency ...