New 'ConsentFix v3' attack lets criminals take over Microsoft 365 accounts even when MFA and passkeys are turned on

Push Security disclosed ConsentFix v3, a new attack that lets criminals take over Microsoft 365 accounts even if the victim has MFA and phishing-resistant passkeys turned on. The trick: instead of stealing a password, the attacker tricks the user into pasting a Microsoft authorization URL into a phishing page during what looks like a routine login. That URL contains a one-time code that the attacker exchanges for permanent access tokens. v3 automates the whole attack with Cloudflare Pages phishing sites, Pipedream webhook automation, and tenant fingerprinting that customizes the lure to each target organization's branding.

Check

Brief any Microsoft 365 admin or developer that any 'verification step' that asks them to paste a URL containing 'localhost' into a webpage is hostile, no matter how legitimate the page looks.

Affected

Any Microsoft 365 / Entra ID tenant. The attack bypasses MFA, passkeys, and most Conditional Access policies by abusing pre-consented Microsoft first-party apps. Acute risk for organizations whose admins, developers, or DevOps engineers regularly use Azure CLI - those users won't suspect a fake Azure CLI authorization page. Cloudflare Pages and Pipedream both look legitimate in network telemetry.

Fix

Apply token binding to trusted devices and require Conditional Access for first-party Microsoft apps where possible. Hunt Azure sign-in logs for Azure CLI authentications from unfamiliar IPs, especially against accounts that don't normally use it. Train developers to verify out-of-band any 'verification step' that asks them to paste URLs into a webpage. Use app authentication restrictions to limit which first-party apps can issue refresh tokens.