ByteBrief
We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.
(We tried widescreen once. It wasn't us.)
A threat actor tracked as O-UNC-066 by Okta is targeting Microsoft 365 users with voice phishing calls that trick victims into enrolling a passkey controlled by the attacker. The campaign exploits a passkey registration feature Microsoft opened to administrators in May. The phishing kit uses an operator-controlled PHP panel with real-time heartbeat polling to adapt to each victim's MFA method.
Tap to vote and see what everyone thinks.
Summary by ByteBrief