See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Hackers Can Bypass FIDO MFA Keys, Putting Your Accounts at Risk - Here's What We Know

Summary by Tech Radar
Fallback mechanism found in FIDO keys is being abused in adversary-in-the-middle attacks.

9 Articles

Tech RadarTech Radar
Center

Hackers can bypass FIDO MFA keys, putting your accounts at risk - here's what we know

Fallback mechanism found in FIDO keys is being abused in adversary-in-the-middle attacks.

·United Kingdom
Read Full Article
itsocial.fritsocial.fr

Session Diversion: Detect Compromise of Identifiers or Tokens

Identity compromises and session tokens are the two main types of identity attack experienced by users, allowing attackers to usurp users' identities and unauthorised access to critical systems or data. Once access is obtained, attackers can be considered legitimate users and move laterally [...] The post Session hijacking: Detecting the compromise of identifiers or tokens appeared first on Social IT.

Read Full Article
The Cyber ExpressThe Cyber Express

Phishing Attack Bypasses FIDO Key Authentication

A phishing campaign is bypassing FIDO key authentication by exploiting cross-device sign-in features, a managed detection and response (MDR) provider has discovered. The attack campaign, reported by Expel, doesn’t involve any vulnerabilities in FIDO keys, but rather exploits the cross-device sign-in functionality developed for user convenience that allows them to sign in on a device that doesn’t have a passkey by using a second device that does.…

Read Full Article
Biometric UpdateBiometric Update

Hackers successfully use social engineering attacks against FIDO keys

Security software company Expel says it detected a new type of adversary-in-the-middle (AitM) attack that takes advantage of the "cross-device sign-in” feature.

·Canada
Read Full Article
Clubic.comClubic.com

Do You Trust Your Fido Key? Hackers Have Found a Way to Weaken Its Security

Presented as one of the safest ways to connect, FIDO keys did not, however, prevent a group of hackers from taking control of protected accounts by relying on a poorly framed secondary authentication function.

Read Full Article
cybernoz.comcybernoz.com

PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing And Cross-Device Sign-In Abuse - Cybernoz - Cybersecurity News

Jul 21, 2025Ravie LakshmananThreat Intelligence / Authentication Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to bypass Fast IDentity Online (FIDO) key protections by deceiving users into approving authentication requests from spoofed company login portals. FIDO keys are hardware- or software-based authenticators designed to eliminate phishing by binding logins to specific domains using public-pr…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

GBHackers On Security broke the news in on Monday, July 21, 2025.
Sources are mostly out of (0)

Similar News Topics

Security icon

Security

You have read 1 out of your 5 free daily articles.

Join millions of well-informed readers who use Ground to compare coverage, check their news blindspots, and challenge their worldview.

News
For You
SearchBlindspotLocal