Hackers Abuse Microsoft Entra Passkey Enrollment to Hijack Enterprise Accounts

Cybercriminals have found a new way to hijack corporate Microsoft accounts by exploiting the very feature meant to protect them: passkeys. A threat group tracked as O UNC 066, also called Pink by Palo Alto Networks Unit 42, has run a phone based phishing campaign since April 2026 that tricks employees into registering an attacker […]

The post Hackers Abuse Microsoft Entra Passkey Enrollment to Hijack Enterprise Accounts appeared first on Cyber Security News.

This article has been indexed from Cyber Security News

Read the original article: