IOActive research reveals authentication downgrade attacks using Cloudflare Workers to bypass phishing-resistant MFA like FIDO2. By manipulating JSON configurations or CSS, attackers force users into weaker methods to hijack sessions. Organizations must enforce strict policies.
Information
- Show
- FrequencyUpdated daily
- Published7 February 2026 at 12:38 UTC
- Length16 min
- RatingClean