Nation-state threat actors are actively weaponizing ROADtools, a popular open-source red-teaming framework, to bypass multi-factor authentication (MFA) and hijack Microsoft Azure cloud environments. Originally designed to help security researchers explore Entra ID (formerly Azure Active Directory) authentication layers, this Python-based toolkit is now being used in targeted attacks to silently steal tokens, evade defenses, and […]
The post Attackers Misuse ROADtools to Evade MFA and Hijack Cloud Access appeared first on Cyber Security News.