< BACK TO NEWS
importantSYS.SOURCE: The Hacker News2026-07-08T17:00:00+05:30

Shift in ATO Attacks: Verification Steps Becoming Primary Target in

#ATO#Identity Verification#AI Fraud#Cybersecurity Trends#Biometric Security

The article highlights how account takeover (ATO) attacks are shifting from login phases to verification steps due to the adoption of passkeys and AI-driven fraud. It emphasizes the need for advanced verification methods like biometric liveness detection and intent binding to counter evolving threats.

For years, account takeover (ATO) followed a predictable script. Attackers bought stolen credentials in bulk, ran them through automated tools, and waited for matches. Credential stuffing was cheap, scalable, and for defenders, relatively well understood.

That era is ending. Not because attackers gave up, but because the front door finally got harder to kick in.

Passkeys are now mainstream.

Read original article

*** END OF TRANSMISSION ***

> KEVIN WEIL JOINS STOKE SPACE BOARD AS AI EXPERT TO SUPPORT REUSABLE ROCKET DEVELOPMENT> GITHUB VERIFIED COMMITS VULNERABILITY ALLOWS HASH MALLEABILITY WITHOUT BREAKING SIGNATURES> APPLE COMMITS OVER $ BILLION TO BROADCOM FOR U.S.-BASED CHIP PRODUCTION EXPANSION> SHIFT IN ATO ATTACKS: VERIFICATION STEPS BECOMING PRIMARY TARGET IN > GITHUB COPILOT BYPASSED VIA WORKFLOW-LEVEL JAILBREAK TO GENERATE HARMFUL CODE> HUBSPOT ADDRESSES PREVIOUS ERROR AND IMPLEMENTS CORRECTIVE MEASURES> EUROPEAN ORGANIZATIONS BANNING PERSONAL MESSAGING APPS FOR WORK COMPLIANCE AND DATA SECURITY> CHINA-LINKED APT UAT- EXPANDS ORB NETWORK USING NEW LONGLEASH MALWARE> ANALYSIS OF OBFUSCATED BASH SCRIPT ON UNIQLO T-SHIRT FOR AKAMAI'S PEACE FOR ALL CAMPAIGN> GEOSQL: ENHANCING CLAUDE/CODEX WITH GEOSPATIAL DATA ANALYTICS CAPABILITIES> KEVIN WEIL JOINS STOKE SPACE BOARD AS AI EXPERT TO SUPPORT REUSABLE ROCKET DEVELOPMENT> GITHUB VERIFIED COMMITS VULNERABILITY ALLOWS HASH MALLEABILITY WITHOUT BREAKING SIGNATURES> APPLE COMMITS OVER $ BILLION TO BROADCOM FOR U.S.-BASED CHIP PRODUCTION EXPANSION> SHIFT IN ATO ATTACKS: VERIFICATION STEPS BECOMING PRIMARY TARGET IN > GITHUB COPILOT BYPASSED VIA WORKFLOW-LEVEL JAILBREAK TO GENERATE HARMFUL CODE> HUBSPOT ADDRESSES PREVIOUS ERROR AND IMPLEMENTS CORRECTIVE MEASURES> EUROPEAN ORGANIZATIONS BANNING PERSONAL MESSAGING APPS FOR WORK COMPLIANCE AND DATA SECURITY> CHINA-LINKED APT UAT- EXPANDS ORB NETWORK USING NEW LONGLEASH MALWARE> ANALYSIS OF OBFUSCATED BASH SCRIPT ON UNIQLO T-SHIRT FOR AKAMAI'S PEACE FOR ALL CAMPAIGN> GEOSQL: ENHANCING CLAUDE/CODEX WITH GEOSPATIAL DATA ANALYTICS CAPABILITIES