ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
HIGH Cloud

Microsoft 365 password-spray campaign drives 81M login attempts

Source headline: Hackers target Microsoft 365 accounts with 81 million login attempts

Threat level High
Signal strength 75/100
Source confidence 1 source
Published 2 hours ago

Intelligence Summary

Threat actors carried out a password-spraying campaign against Microsoft 365 sign-ins. Over roughly two weeks, the activity produced more than 81 million login attempts. The targeting focused on gaining access to user accounts rather than exploiting a specific vulnerability. This raises the risk of account takeover, credential reuse, and downstream exposure to email and document data. Organizations using Microsoft 365 should review sign-in logs, harden authentication, and reduce password-guessing success with MFA and conditional access.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#microsoft-365 #credential-attacks #password-spraying #cloud-identity #sign-in-logs
Original reporting BleepingComputer Hackers target Microsoft 365 accounts with 81 million login attempts
Open original source