
Fake Microsoft Passkey Flow Uses BIP-39 Seed Phrase Distraction During Account Takeover
A threat actor known as O-UNC-066, or “Pink,” is targeting enterprise Microsoft 365 customers with a sophisticated account takeover campaign. Since April 2026, the group has used voice phishing and a specialized phishing kit to steal data for extortion. The attackers target organizations across multiple sectors, including healthcare, technology, aviation, and automotive. They register malicious […]
The post Fake Microsoft Passkey Flow Uses BIP-39 Seed Phrase Distraction During Account Takeover appeared first on Cyber Security News.