Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack - BleepingComputer

July 19, 2025 | by Lawrence Abrams

A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals.

Continue Reading