For years, multi-factor authentication (MFA) has been the security world’s favorite answer to “what should we do about phishing?” But attackers don’t wait for the controls to get better—they evolve around them. Enter the mid-stage adversary: a new class of attacker that’s rapidly scaling intrusions with help from phishing-as-a-service (PhaaS) platforms and adversary-in-the-middle (AiTM) toolkits.…