National Cyber Warfare Foundation (NCWF)

Microsoft Entra Passkey Enrollment Abused in Operator-Controlled Vishing Campaign


0 user ratings
2026-07-09 10:15:09
milo
Red Team (CNA)

A focused vishing campaign that weaponizes Microsoft Entra passkey enrollment as a social-engineering vector to enable account takeover and downstream data extortion. The threat actor begins by registering domains that include the term “passkey” (for example, assignpasskey[.]com, deploypasskey[.]com, passkeydeploy[.]com, passkeyadd[.]com, setpasskey[.]com) and creating per-target subdomains. Microsoft Entra ID login pages. Pages load generic Microsoft styling […]


The post Microsoft Entra Passkey Enrollment Abused in Operator-Controlled Vishing Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/microsoft-entra-passkey-enrollment/


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Red Team (CNA)



Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.