Bleeping Computer

How attackers are still phishing "phishing-resistant" authentication

As awareness grows around many MFA methods being “phishable” (i.e. not phishing resistant), passwordless, FIDO2-based authentication methods (aka. passkeys) like YubiKeys, Okta FastPass, and Windows ...
Ars Technica

Why MFA is getting easier to bypass and what to do about it

An entire cottage industry has formed around phishing attacks that bypass some of the most common forms of multifactor authentication (MFA) and allow even non-technical users to quickly create sites ...