PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse
Jul 21, 2025
Threat Intelligence / Authentication
Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to downgrade Fast IDentity Online (FIDO) key protections by deceiving users into approving authentication requests from spoofed company login portals.

FIDO keys are hardware- or software-based authenticators designed to eliminate phishing by binding logins to specific domains using public-private key cryptography. In this case, attackers exploit a legitimate feature—cross-device sign-in—to trick victims into unknowingly authenticating malicious sessions.

The activity, observed by Expel as part of a phishing campaign in the wild, has been attributed to a threat actor named PoisonSeed, which was recently flagged as leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases and drain victims' digital wallets.

"The attacker does this by taking advantage of cross-d...
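The domain binding mentioned above is enforced when the relying party checks the origin and RP ID hash carried in each WebAuthn assertion, which is why an assertion produced on a look-alike portal is rejected. The following is an added example, not code from the article or from Expel: the origin, RP ID and sample assertions are constructed, and the signature check over the authenticator data and the clientDataJSON hash is omitted.

```python
import base64
import hashlib
import json

# Assumptions for this example: the legitimate portal's origin and RP ID.
EXPECTED_ORIGIN = "https://login.example.com"
EXPECTED_RP_ID = "login.example.com"

def b64url(data: bytes) -> str:
    """Unpadded base64url, the encoding WebAuthn uses for the challenge."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def check_domain_binding(client_data_json, authenticator_data, expected_challenge):
    """Return the list of failed checks; an empty list means the binding holds."""
    failures = []
    client = json.loads(client_data_json)
    if client.get("type") != "webauthn.get":
        failures.append("type")
    if client.get("challenge") != b64url(expected_challenge):
        failures.append("challenge")
    # The browser, not the page, writes the origin the user was actually on.
    if client.get("origin") != EXPECTED_ORIGIN:
        failures.append("origin")
    # Authenticator data starts with SHA-256(RP ID), then a flags byte.
    rp_hash = hashlib.sha256(EXPECTED_RP_ID.encode()).digest()
    if len(authenticator_data) < 37 or authenticator_data[:32] != rp_hash:
        failures.append("rpIdHash")
    elif not authenticator_data[32] & 0x01:  # bit 0 = user present
        failures.append("userPresent")
    return failures

def make_sample(origin, rp_id, challenge):
    """Constructed assertion fields, shaped as a browser and authenticator fill them."""
    client = json.dumps({"type": "webauthn.get",
                         "challenge": b64url(challenge),
                         "origin": origin}).encode()
    auth = hashlib.sha256(rp_id.encode()).digest() + bytes([0x01]) + (7).to_bytes(4, "big")
    return client, auth

if __name__ == "__main__":
    challenge = b"\x11" * 32  # constructed server challenge
    samples = [("https://login.example.com", "login.example.com"),
               ("https://login.example.com.portal.test", "login.example.com.portal.test")]
    for origin, rp_id in samples:
        client, auth = make_sample(origin, rp_id, challenge)
        print(origin, check_domain_binding(client, auth, challenge))
```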