PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse

Updated on July 21, 2025

Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to bypass Fast IDentity Online (FIDO) key protections by deceiving users into approving authentication requests from spoofed company login portals.
The activity, observed by Expel as part of a phishing campaign in the wild, has been attributed to a threat actor named PoisonSeed, which was recently flagged…

Read the rest of the story at Read More

Source: The Hacker News

December 5, 2024 Uncategorized

NCA Busts Russian Crypto Networks Launde...

December 7, 2023 Uncategorized

New Bluetooth Flaw Let Hackers Take Over...

September 25, 2024 Uncategorized

PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse

Related posts

NCA Busts Russian Crypto Networks Launde...

New Bluetooth Flaw Let Hackers Take Over...

Mozilla Faces Privacy Complaint for Enab...

Leave a Comment Cancel reply

Recent News

GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection

Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage

INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown

Automation Is Redefining Pentest Delivery

Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025