SquareX researchers demonstrated that this trust can be exploited, as attackers can manipulate the passkey workflow within the browser environment. The finding follows earlier research from Proofpoint ...