ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds

BleepingComputer BleepingComputer

ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows.

Learn how these MFA bypass tactics work and how to defend against them. [...]

Read full article at BleepingComputer →