Attackers use artificial intelligence to time push notifications and defeat multifactor protections
Security teams at several large companies are grappling with a new wave of identity attacks that blend automated decision models with real-time session orchestration to trick employees into approving authentication prompts. The campaigns use adversary-in-the-middle techniques and device code phishing to present legitimate-looking login flows while the attacker polls authentication endpoints, then captures session tokens once a user approves a prompt. Hundreds of organizations have reported compromises in recent weeks.
How the attacks work
Attackers assemble automated reconnaissance, social engineering scripts and proxying toolkits to time push notifications precisely when a target is most likely to approve them. The approach mixes classic push fatigue tactics with AI that adjusts message timing, language and the moment of contact to exploit human trust. Campaigns also use spoofed device code flows that ask users to enter a one-time code on a real provider page while the attacker monitors the authorization window. The result is a real-time bypass of many common MFA methods.
Scale and criminal tooling
Underground kits and phishing-as-a-service platforms have made these techniques accessible to lower-skilled attackers. Law enforcement recently dismantled a major phishing service that automated interception of live authentication sessions. Security vendors warn that the volume and sophistication of these kits have risen sharply, turning what was once a niche threat into a broad, high-success-rate business model. The ecosystem now delivers complete end-to-end chains that routinely defeat push- and SMS-based defenses.
What defenders should do
Experts recommend moving away from push-only methods toward phishing-resistant authentication such as FIDO2 hardware keys, enforcing strict conditional access policies, and requiring managed, compliant devices for sensitive logins. Organizations should also eliminate fallback methods that can be abused and set short session lifetimes for high-risk accounts. Detection must shift from signature blocking to behavior and session integrity checks.
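An added example, not from the original report: a minimal sketch of the behavior and session integrity checks described above, run over constructed sign-in events. The event field names, thresholds and rule names are assumptions for illustration, and real identity provider logs will differ.

```python
from collections import defaultdict, deque

PUSH_LIMIT = 3     # assumed threshold: prompts preceding an approval
PUSH_WINDOW = 600  # assumed look-back window, in seconds

# Constructed sample events (not real logs); field names are hypothetical.
EVENTS = [
    {"ts": 0, "user": "alice", "type": "push_sent"},
    {"ts": 40, "user": "alice", "type": "push_sent"},
    {"ts": 95, "user": "alice", "type": "push_sent"},
    {"ts": 100, "user": "alice", "type": "push_approved", "session": "s1",
     "ip": "203.0.113.7", "device": "unmanaged-1"},
    {"ts": 130, "user": "alice", "type": "token_use", "session": "s1",
     "ip": "198.51.100.9", "device": "unmanaged-2"},
    {"ts": 200, "user": "bob", "type": "push_sent"},
    {"ts": 205, "user": "bob", "type": "push_approved", "session": "s2",
     "ip": "192.0.2.10", "device": "laptop-bob"},
    {"ts": 900, "user": "bob", "type": "token_use", "session": "s2",
     "ip": "192.0.2.10", "device": "laptop-bob"},
]

def detect(events):
    """Return (rule, user, session) alerts in event order."""
    prompts = defaultdict(deque)  # user -> timestamps of recent push prompts
    bound = {}                    # session -> (ip, device) seen at issuance
    alerts = []
    for e in sorted(events, key=lambda ev: ev["ts"]):
        user, kind = e["user"], e["type"]
        if kind == "push_sent":
            prompts[user].append(e["ts"])
        elif kind == "push_approved":
            q = prompts[user]
            while q and e["ts"] - q[0] > PUSH_WINDOW:
                q.popleft()  # forget prompts older than the window
            # Behavior check: approval that follows a burst of prompts.
            if len(q) >= PUSH_LIMIT:
                alerts.append(("push_burst_then_approve", user, e["session"]))
            q.clear()
            bound[e["session"]] = (e["ip"], e["device"])
        elif kind == "token_use":
            # Integrity check: the session must stay on the client it was
            # issued to; an unknown session is treated as a mismatch too.
            if bound.get(e["session"]) != (e["ip"], e["device"]):
                alerts.append(("session_client_mismatch", user, e["session"]))
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

Binding a session to the exact IP and device is deliberately strict for the sketch; production rules usually tolerate expected changes such as roaming between networks.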
The bigger picture
Adoption of MFA continues to climb, but defenders must accept that adoption alone is not protection. Identity is the primary attack surface in 2026, and companies that do not harden authentication and rethink session handling will remain exposed.