Microsoft is alerting about a rise in AiTM phishing methods within the PhaaS cybercrime model, enabling widespread large-scale phishing campaigns. The primary aim of these attacks is to steal session cookies, allowing malicious actors to gain entry to privileged systems without needing to authenticate again. As cybercriminal sophistication continues to grow, organizations must implement comprehensive cybersecurity measures to combat these evolving threats.