Massive Automated Password Spray Attack Targeting Microsoft’s Azure Command-Line Interface
A large-scale automated password spray campaign is actively abusing Microsoft’s Azure Command-Line Interface (CLI) and legacy OAuth flows to compromise Entra ID accounts, despite organizations having multi-factor authentication (MFA) in place. Huntress is tracking a sustained password-and-token...