Bleeping Computer

Microsoft: Exchange servers hacked via OAuth apps for phishing

Microsoft says a threat actor gained access to cloud tenants hosting Microsoft Exchange servers in credential stuffing attacks, with the end goal of deploying malicious OAuth applications and sending ...
Bleeping Computer

Microsoft reveals how hackers breached its Exchange Online accounts

Microsoft confirmed that the Russian Foreign Intelligence Service hacking group, which hacked into its executives’ email accounts in November 2023, also breached other organizations as part of this ...