The attack began on Oct. 18 and stemmed from the most recent Okta breach, in which a threat actor used stolen credentials to access a customer support case management system that contained HTTP Archive files. The threat actor used session cookies contained in those files to impersonate valid users at several Okta customers, including Cloudflare, BeyondTrust and 1Password.

Read the full story here:

Prefers reduced motion setting detected. Animations will now be reduced as a result.