Azure CLI - Geek Feed

Security
Tech News

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

December 13, 2025December 13, 2025 geekfeed0Tagged Account takeover, Azure CLI, ClickFix, Microsoft Account, OAuth, OAuth Tokens, phishing, Token

A new variation of the ClickFix attack dubbed ‘ConsentFix’ abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) verifications. A ClickFix attack is a social engineering technique that attempts to trick users into running commands on their computer to install malware or steal data. […]

3 mins read