Cybersecurity investigators have revealed a new assault method that enables malicious individuals to circumvent Fast IDentity Online (FIDO) key safeguards by tricking users into consenting to authentication requests from imitation company login sites.
The activity, detected by Expel during a phishing operation in the real world, has been linked to a threat entity known as PoisonSeed, which has recently been identified.