"Cookie-Bite" Attack Uses Chrome Extension to Steal Session Cookies

A "Cookie-Bite" attack utilizes a Chrome extension to steal session cookies from the Azure Entra ID browser, thereby bypassing multi-factor authentication (MFA) protections and maintaining access to cloud services such as Microsoft 365, Outlook, and Teams. This proof of concept demonstrates how attackers can exploit browser extensions to compromise user sessions.