IOActive research reveals authentication downgrade attacks using Cloudflare Workers to bypass phishing-resistant MFA like FIDO2. By manipulating JSON configurations or CSS, attackers force users into weaker methods to hijack sessions. Organizations must enforce strict policies.
Information
- Show
- FrequencyUpdated Daily
- PublishedFebruary 7, 2026 at 12:38 PM UTC
- Length16 min
- RatingClean