IOActive research reveals authentication downgrade attacks using Cloudflare Workers to bypass phishing-resistant MFA like FIDO2. By manipulating JSON configurations or CSS, attackers force users into weaker methods to hijack sessions. Organizations must enforce strict policies.
Informations
- Émission
- FréquenceTous les jours
- Publiée7 février 2026 à 12:38 UTC
- Durée16 min
- ClassificationTous publics
