logo

Hackers target Microsoft 365 accounts with 81 million login attempts

ID: 5430d1ca-f1ac-5afe-9150-b0b9bf6e2d92

STIX ID: report--5430d1ca-f1ac-5afe-9150-b0b9bf6e2d92

Feed Name: Bleeping Computer

Threat Score
70/100

Date Published: 2026-07-01

Date Updated: 2026-07-02

Author: Bill Toulas

...
...

An aggressive password-spraying campaign against Microsoft 365 generated over 81 million login attempts in two weeks and compromised 78 accounts across 64 organizations by using stolen credentials and authenticating via the OAuth ROPC flow, which bypassed MFA where Conditional Access policies were misconfigured; Huntress observed the activity, noted common misconfigurations, and linked activity to an IPv6 range (LSHIY LLC, AS32167).

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.