A zoomed-in picture of a computer screen displaying a login window with a password typed in

Identity and access management giant Okta has warned customers of an ongoing credential stuffing attack against one of its tools and suggested users either disable it, or apply a set of mitigations to remain secure.

An announcement from the company noted how hackers have been abusing the cross-origin authentication feature in Customer Identity Cloud (CIC) to mount credential stuffing attacks for several weeks now.