Security News Cookie-Bite attack PoC uses Chrome extension to steal session tokens BleepingComputer Daniel Bender Apr 22, 2025 A proof-of-concept attack called "Cookie-Bite" uses a browser extension to steal browser session cookies from Azure Entra ID to bypass multi-factor authentication (MFA) protections and maintain access to cloud services like Microsoft 365, Outlook, and Teams.
