New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...

Shut Down And Restart—New Microsoft Attack Beats Passwords, 2FA And Passkeys

Check Point explains that this new technique “tricks people into giving attackers access to their Microsoft accounts. The ...