Passkey vishing and AI “HalluSquatting” attacks raise the stakes for identity security
On July 8, 2026, multiple cybersecurity warnings highlighted a fast-evolving identity and software-supply-chain threat landscape. One report describes a threat actor using voice-based “vishing” to target Microsoft 365 users with fake security requests that push victims to enroll a new Entra passkey. The scheme is designed to look like legitimate account protection while coercing users into completing an authentication step that benefits the attacker. In parallel, new research dubbed “HalluSquatting” shows how AI coding assistants can be manipulated by exploiting their tendency to invent plausible but nonexistent project names. The researchers demonstrate that attackers can reliably identify the fake names that the AI will accept, then weaponize that behavior to steer developers toward installing botnet malware. Strategically, these incidents converge on the same weak link: trust in identity workflows and in automated software-generation processes. Passkeys and modern identity systems are meant to reduce phishing, but vishing can still bypass human judgment by mimicking security staff and prompting high-privilege actions like passkey enrollment. That creates a new operational advantage for criminal groups because it targets the moment of credential binding rather than just stealing passwords. Meanwhile, HalluSquatting targets the developer’s toolchain, turning “hallucinations” into a delivery mechanism that can scale across organizations that adopt AI coding assistants. The net effect is that both attackers and defenders face a race: attackers refine social engineering and prompt-based deception, while defenders must harden identity enrollment paths and tighten software provenance controls. Market and economic implications are likely to concentrate in identity and endpoint security spending, cloud productivity risk, and software supply-chain assurance. Microsoft 365 and Entra ID are directly implicated, which can translate into higher demand for MFA/passkey governance, call-center and helpdesk verification controls, and security monitoring tied to authentication events. For investors, the most visible beneficiaries are vendors in identity threat detection, privileged access management, and secure software supply chain tooling, while insurers may reprice cyber risk for organizations with elevated account-takeover exposure. Even without explicit commodity or FX references, the direction is clear: cyber risk premia for affected sectors should rise, and incident response and remediation budgets can expand as enterprises respond to both identity fraud and AI-assisted malware delivery. The likely magnitude is moderate near-term—driven by heightened awareness and control rollouts—yet potentially severe if these techniques spread into large-scale campaigns. What to watch next is whether these tactics move from isolated reporting into repeatable, high-volume campaigns against common enterprise configurations. For identity defense, key indicators include spikes in passkey enrollment attempts, unusual voice-driven support interactions, and authentication events that correlate with helpdesk-like prompts rather than user-initiated flows. For the AI supply-chain angle, monitor for dependency installation patterns tied to nonexistent or newly created package names, and for botnet-related malware signatures emerging from developer environments. Trigger points include any public advisories from major platforms on Entra passkey enrollment abuse, and any evidence that HalluSquatting techniques are being operationalized by threat actors rather than remaining academic. Over the next days to weeks, escalation risk depends on whether attackers can automate both the social engineering and the AI-prompting steps to reduce attacker effort per victim.
Geopolitical Implications
- 01
Identity systems (passkeys, Entra) are becoming a strategic cyber battleground where social engineering can still defeat “phishing-resistant” designs.
- 02
AI-assisted software development expands the attack surface by making deception and supply-chain manipulation easier to scale across organizations.
- 03
Regulatory and financial-sector warnings (e.g., Bafin) suggest heightened compliance scrutiny for identity fraud and digital trust failures.
Key Signals
- —Increase in passkey enrollment attempts initiated after voice calls or helpdesk-like prompts
- —Security advisories from major identity/cloud providers about passkey enrollment abuse patterns
- —Developer-environment telemetry showing installs of suspicious or nonexistent packages referenced by AI tools
- —Emergence of botnet malware campaigns explicitly tied to AI-generated dependency names
Topics & Keywords
Related Intelligence
Full Access
Unlock Full Intelligence Access
Real-time alerts, detailed threat assessments, entity networks, market correlations, AI briefings, and interactive maps.