The attack exploited previously exposed credentials and flaws in enterprises’ multi-factor authentication configurations.
Threat actors have made over 81 million login attempts in a massive password spray campaign targeting Azure CLI.