Threat actors targeted two major tech firms with nearly identical phishing schemes last week. In one case, attackers gained access to data for approximately 125 customers. In the other, they tricked three employees but did not gain any system access to their systems. FIDO2-compliant security keys are cited as a “linchpin mechanism” in Cloudflare’s defense.