#5
The Hacker News
general
July 10, 2026 at 10:30 UTC
Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access
By [email protected] (The Hacker News)
AI Summary
Okta-tracked threat actor O-UNC-066 is conducting vishing campaigns targeting Microsoft 365 users, directing victims to fake Microsoft Entra ID login pages to hijack passkey enrollment and gain persistent account access for data extortion. Security teams should alert helpdesks and review Entra ID passkey enrollment logs for anomalous activity, particularly unsolicited enrollment events following inbound phone calls.
Relevance score: 78.0/100
Sponsored
Protect Your Business
Expert cybersecurity solutions to safeguard your organization from evolving threats.
Get Protected →