Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts

Cybersecurity researchers have warned of a « massive, ongoing, automated password spray attack » aimed at Microsoft’s Azure command-line interface (CLI), compromising dozens of accounts in the process.

The activity, per Huntress, originates from an IPv6 address range (2a0a:d683::/32) controlled by internet infrastructure provider LSHIY LLC (AS32167).

« Between June 12 and June 26, the threat