BitM Up! Session Stealing in Seconds Using the Browser-in-the-Middle Technique

TLDR: BitM attacks rapidly compromise web application sessions, bypassing MFA through social engineering. Adversaries target session tokens via tools like Evilginx2. Mandiant's Delusion tool enhances BitM efficiency, enabling session stealing with minimal prior knowledge of target authentication methods. Strong defenses, including hardware-based MFA and client certificates, are crucial to thwarting such threats. Organizations should adopt layered security measures to protect sensitive data from BitM exploits.

https://cloud.google.com/blog/topics/threat-intelligence/session-stealing-browser-in-the-middle/