ShellCodeX Intelligence Brief
HIGH
Cloud
Microsoft 365 password-spray campaign drives 81M login attempts
Source headline: Hackers target Microsoft 365 accounts with 81 million login attempts
Threat level
High
Signal strength
75/100
Source confidence
1 source
Published
2 hours ago
Intelligence Summary
Threat actors carried out a password-spraying campaign against Microsoft 365 sign-ins. Over roughly two weeks, the activity produced more than 81 million login attempts. The targeting focused on gaining access to user accounts rather than exploiting a specific vulnerability. This raises the risk of account takeover, credential reuse, and downstream exposure to email and document data. Organizations using Microsoft 365 should review sign-in logs, harden authentication, and reduce password-guessing success with MFA and conditional access.
Recommended Action
Review affected assets, schedule urgent remediation, and monitor related indicators.
Topics
Original reporting
BleepingComputer
Hackers target Microsoft 365 accounts with 81 million login attempts
Open original source