News

Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack
A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in ...
GovInfoSecurity1d
Hackers Exploit FIDO MFA With Novel Phishing Technique
Expel researchers have found a novel adversary-in-the-middle phishing technique used by PoisonSeed, a cybercrime group previously tied to large-scale cryptocurrency ...
McDonald’s AI hiring chatbot exposed data of job candidates
McDonald's AI hiring platform McHire faced a limited security breach affecting five candidate records despite reports ...
Statetechmagazine2d
AI for Utilities: The New Front Line in Defending Against Cyberthreats
From asset discovery to threat detection and response, AI helps force multiply their resources.
Mobile ID World2d
PoisonSeed Phishing Campaign Bypasses FIDO Keys Through QR Code Exploitation
A sophisticated phishing campaign known as PoisonSeed has emerged, targeting accounts protected by FIDO authentication keys by exploiting cross-device sign-in features. Cybersecurity firm Expel has ...
Phishers have found a way to downgrade—not bypass—FIDO MFA
Expel said that PoisonSeed has found a clever sleight of hand to bypass this crucial step. As the user enters the username ...
The Daily Upside4d
Okta Patent Disrupts AI-Fueled Phishing Attacks
“Some enrollment channels may be susceptible to phishing attacks in which an attacker may intercept sensitive data,” said ...
SecurityWeek6d
Virtual Event Preview: Cloud & Data Security Summit 2025 – Tackling Exposed Attack Surfaces in the Cloud
Virtual event brings together leading experts, practitioners, and innovators for a full day of insightful discussions and ...