
Massive Password Stealing Attack Targeting Microsoft 365 Users With 81 Million Login Attempts
A large-scale automated password spray campaign is actively abusing Microsoft’s Azure Command-Line Interface (CLI) and legacy OAuth flows to compromise Entra ID accounts, despite organizations having multi-factor authentication (MFA) in place. Huntress is tracking a sustained password-and-token spray campaign targeting Microsoft 365 and Azure CLI logins, with activity spiking between June 12 and June 26, […]
The post Massive Password Stealing Attack Targeting Microsoft 365 Users With 81 Million Login Attempts appeared first on Cyber Security News.