VulnHub

Real-time Cybersecurity News

Okta SSO accounts targeted in vishing-based data theft attacks

BleepingComputer
Actively Exploited
PhishingOkta

Overview

Okta has issued a warning about a new wave of attacks targeting its Single Sign-On (SSO) accounts through voice phishing, or vishing. Attackers are using custom phishing kits designed specifically for these social engineering tactics to trick users into revealing their Okta SSO credentials. This breach affects organizations that rely on Okta for secure login processes, potentially exposing sensitive data if attackers gain access. As these attacks are currently active, users are urged to remain vigilant and verify any requests for sensitive information they receive via phone. This situation emphasizes the need for enhanced security measures and user education on recognizing vishing attempts.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Okta SSO accounts
  • Action Required: Users should verify requests for sensitive information and consider enabling multi-factor authentication (MFA) for added protection.
  • Timeline: Newly disclosed

Original Article Summary

Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks. BleepingComputer has learned that these kits are being used in active attacks to steal Okta SSO credentials for data theft. [...]

Impact

Okta SSO accounts

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Users should verify requests for sensitive information and consider enabling multi-factor authentication (MFA) for added protection.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Phishing, Okta.

Read Original Article

Related Coverage

Italy Averted Russian-Linked Cyberattacks Targeting Winter Olympics Websites, Foreign Minister Says

SecurityWeek

Italy's government has successfully thwarted a series of cyberattacks linked to Russian sources, aimed at its foreign ministry offices, including one located in Washington, D.C. These attacks were reportedly targeting websites associated with the upcoming Winter Olympics. The Italian Foreign Minister announced the prevention of these incidents, emphasizing the ongoing risks posed by cyber threats in international contexts. This situation underlines the vulnerabilities that governments face, particularly during significant global events like the Olympics. The foiled attacks serve as a reminder of the persistent cyber warfare tactics employed by nation-states.

Feb 5, 2026

Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries

SecurityWeek

A recent report from Palo Alto Networks reveals that a cyberspy group has successfully targeted governments and critical infrastructure across 37 countries. While the specific origin of these attacks hasn't been confirmed, there are strong indications pointing to China as the likely source. The affected entities include various government agencies and critical infrastructure sectors, which raises significant concerns about national security and the potential for disruption in essential services. The scale of the operation suggests a sophisticated level of planning and execution, highlighting the ongoing risks that nation-states pose in the cyber realm. This incident serves as a reminder for organizations worldwide to bolster their cybersecurity defenses and remain vigilant against such threats.

Feb 5, 2026

Why boards should be obsessed with their most ‘boring’ systems

CyberScoop

Recent cyberattacks have prompted boards of directors to take a closer look at enterprise resource planning (ERP) systems, which are often overlooked but can be vulnerable to significant security threats. A notable example is the cyberattack on Jaguar Land Rover (JLR) in September 2025, which showcased the severe repercussions of such incidents. This attack not only disrupted operations but also highlighted the risks that come with failing to adequately secure these 'boring' systems. As organizations reassess their cybersecurity strategies, it's clear that even the most mundane systems can have catastrophic impacts if left unprotected. Companies are encouraged to prioritize the security of their ERP systems to prevent similar incidents in the future.

Feb 5, 2026

Police shut down global DDoS operation, arrest 20-year-old

Help Net Security

Poland's Central Bureau for Combating Cybercrime has arrested a 20-year-old man believed to be behind a series of global DDoS attacks that targeted important websites. The suspect faces six charges, including disrupting IT systems and using specialized software to execute cyberattacks. He has reportedly confessed to many of the allegations against him. If found guilty, he could face up to five years in prison. This operation underscores the ongoing challenges of combating cybercrime, particularly as such attacks can significantly disrupt online services and affect many organizations worldwide.

Feb 5, 2026

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

Security Affairs

In 2025, a group of hackers believed to be linked to China, known as Amaranth-Dragon, launched cyber-espionage campaigns targeting various government and law enforcement agencies in Southeast Asia. Countries affected include Thailand, Indonesia, and Singapore. This activity is associated with the APT41 ecosystem, which has a history of conducting similar operations. The implications of these attacks are significant, as they threaten national security and the integrity of sensitive governmental data. Researchers emphasize the need for enhanced cybersecurity measures among the affected nations to protect against ongoing and future threats.

Feb 5, 2026

AI-Enabled Voice and Virtual Meeting Fraud Surges 1000%+

Infosecurity Magazine

Pindrop has reported a staggering 1210% increase in AI-powered fraud incidents over the past year, particularly affecting voice and virtual meeting platforms. This surge indicates that attackers are increasingly utilizing artificial intelligence to create convincing scams, making it harder for users to detect fraudulent activities. The rise in such sophisticated tactics poses significant risks to individuals and businesses alike, as it can lead to financial loss and data breaches. Companies are urged to enhance their security measures and educate employees about these evolving threats to better protect against AI-driven scams. The alarming growth in this type of fraud emphasizes the need for vigilance in both personal and professional communications.

Feb 5, 2026