LOWVulnerability
Global
ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds
·Source: BleepingComputer
Updated:
Executive Summary
ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA bypass tactics work and how to defend against them. [...]
Analysis
ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA bypass tactics work and how to defend against them. [...]