Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication
Posted on
Adversary-in-the-middle attacks can strip out the passkey option from login pages that users see, leaving targets with only authentication choices that force them to give up credentials.