Multi-factor authentication has long been treated as a security finish line. Once enabled, organizations assume that account takeover risks drop dramatically. Recent attacker behavior suggests otherwise. New reporting details a growing wave of adversary-in-the-middle (AiTM) phishing campaigns that are specifically designed to bypass MFA by hijacking authentication sessions in real time, according to IT Pro.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2026/01/when-mfa-fails-quietly-inside-the-rise-of-aitm-phishing-attacks/
