Information security
fromThe Hacker News
13 hours agoHow Attackers Bypass Synced Passkeys
Synced passkeys are insecure for enterprises because they inherit cloud-account and recovery risks, enable downgrade and extension attacks, and expand the attack surface.