The Hacker News

Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access

PhishingHighphishing

Attackers are using fake Microsoft Entra passkey enrollment prompts via voice-based phishing to compromise Microsoft 365 accounts across multiple sectors. The threat actor O-UNC-066 deploys a panel-controlled phishing kit targeting passkey enrollment, leading to data extortion attacks.

AI summary · generated with Claude

https://thehackernews.com/2026/07/hackers-use-fake-microsoft-entra.html