https://arstechnica.com/security/2024/03/mfa-fatigue-attack-targets-iphone-owners-with-endless-password-reset-prompts/

Human weaknesses are a rich target for phishing attacks. Making humans click "Don't Allow" over and over again in a phone prompt that can't be skipped is an angle some iCloud attackers are taking—and likely having some success.

Brian Krebs' at Krebs on Security detailed the attacks in a recent post, noting that "MFA Fatigue Attacks" are a known attack strategy. By repeatedly hitting a potential victim's devices with multi-factor authentication requests, the attack fills a device's screen with prompts that typically have yes/no options, often very close together. Apple's devices are just the latest rich target for this technique.