Phishing attacks taking advantage of what appears to be a bug in Apple's password reset feature have become increasingly common, according to a report from KrebsOnSecurity . Multiple Apple users users have been targeted in an attack that bombards them with an endless stream of notifications or multi-factor authentication (MFA) messages in an attempt to get them to approve an Apple ID password change. An attacker is able to cause the target's iPhone , Apple Watch, or Mac to display system-level password change approval texts over and over again, with the hope that the person being targeted will mistakenly approve the request or get tired of the notifications and click on the accept button. If the request is approved, the attacker is able to change the Apple ID password and lock the Apple user out of their account. Because the password requests target the Apple ID, they pop up on all of a user's devices. The notifications render all linked Apple products unable to b