Okta is warning that a cross-origin authentication feature in Customer Identity Cloud (CIC) is susceptible to credential stuffing attacks orchestrated by threat actors.“We observed that the endpoints used to support the cross-origin authentication feature being attacked via credential stuffing for a number of our customers,” the Identity and access management (IAM) services provider said.The suspicious activity commenced on April 15, 2024, with the company noting that it “proactively” informed customers that had the feature enabled. It did not disclose how many customers were impacted by the attacks.