-->
#1 Trusted Cybersecurity News Platform
Followed by 5.70+ million
The Hacker News Logo
Get the Latest News
cybersecurity

Password Spray | Breaking Cybersecurity News | The Hacker News

Category — Password Spray
Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts

Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts

Jul 01, 2026 Password Security / Cloud Security
Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line interface (CLI), compromising dozens of accounts in the process. The activity, per Huntress , originates from an IPv6 address range ( 2a0a:d683::/32 ) controlled by internet infrastructure provider LSHIY LLC (AS32167). "Between June 12 and June 26, the threat actor behind it made more than 81 million login attempts and successfully compromised at least 78 Microsoft accounts across 64 organizations," the company said in a statement. "The targeting of these attacks seems to be based entirely on password prevalence on compromised password combo lists, and is not specific to business type or industry." What makes the password spray attack noteworthy is not only the scale, but also the fact that many of the compromised organizations had Conditional Access policies enabled. Specifically, the campaign has been found to...
Iranian Nation-State Actors Employ Password Spray Attacks Targeting Multiple Sectors

Iranian Nation-State Actors Employ Password Spray Attacks Targeting Multiple Sectors

Sep 15, 2023 Cyber Attack / Password Security
Iranian nation-state actors have been conducting password spray attacks against thousands of organizations globally between February and July 2023, new findings from Microsoft reveal. The tech giant, which is tracking the activity under the name  Peach Sandstorm  (formerly Holmium), said the adversary pursued organizations in the satellite, defense, and pharmaceutical sectors to likely facilitate intelligence collection in support of Iranian state interests. Should the authentication to an account be successful, the threat actor has been observed using a combination of publicly available and custom tools for discovery, persistence, and lateral movement, followed by data exfiltration in limited cases. Peach Sandstorm , also known by the names APT33, Elfin, and Refined Kitten, has been linked to spear-phishing attacks against aerospace and energy sectors in the past, some of which have entailed the use of the  SHAPESHIFT  wiper malware. It's said to be active since...
Expert Insights Articles Videos
Cybersecurity Resources