Phishing Kits enable attackers to man-in-the-middle (MitM) a browser session and steal credentials and session cookies in real-time. Phishing kits are software developed to help threat actors harvest credentials and quickly capitalize on them. MFA makes attackers work harder, but attackers need to work harder to compromise users, expert says. Researchers at Stony Brook University and Palo Alto Networks have identified more than 1,200 MitM phishing sites, but only 43.7% of domains and 18.9% of IP addresses appeared on block lists.”]
Source: https://www.cuinfosecurity.com/increasing-adoption-phishing-kits-puts-mfa-at-risk-a-18461