New ConsentFix Attack Hijacks Microsoft Accounts Via Azure CLI

ConsentFix attack hijacks Microsoft accounts via Azure CLI without passwords or MFA. It tricks users into submitting OAuth codes through a fake CAPTCHA on compromised sites, giving attackers full access to accounts using Azure authentication. Monitoring for unusual Azure CLI activity is recommended to detect this threat.

https://www.bleepingcomputer.com/news/security/new-consentfix-attack-hijacks-microsoft-accounts-via-azure-cli/

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top