Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack
Lawrence Abrams
July 19, 2025
01:41 PM
0
A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals.
The PoisonSeed threat actors are known to employ large-volume phishing attacks for financial fraud. In the past,distributing emails containing crypto seed phrasesused to dr...
