Silent MFA Killer: Microsoft’s AuthQuake Bug Let Hackers Bypass Security Undetected
A critical security flaw dubbed "AuthQuake" in Microsoft's Multi-Factor Authentication system allowed attackers to bypass MFA through extended TOTP validation times and insufficient rate limiting. The vulnerability, discovered by Oasis Security, has been patched with stricter rate limiting...