> TritonInfoSec News

Home / May 21, 2026 / Story

#10 BleepingComputer general May 19, 2026 at 19:35 UTC

Microsoft Self-Service Password Reset abused in Azure data theft attacks

By Bill Toulas

AI Summary

A threat actor is abusing Microsoft's Self-Service Password Reset (SSPR) feature to steal data from Microsoft 365 and Azure production environments, leveraging legitimate Microsoft administration features to evade detection. The attacks target Azure production environments and exploit trusted built-in tools, making them difficult to distinguish from legitimate administrative activity. Security teams managing Azure tenants should audit SSPR configurations and monitor for anomalous administrative tool usage.

Read full article → https://www.bleepingcomputer.com/news/security/mic…

Relevance score: 73.0/100

Sponsored

Protect Your Business

Expert cybersecurity solutions to safeguard your organization from evolving threats.

Get Protected →

# More from May 21

1
GitHub confirms breach of 3,800 repos via malicious VSCode extension BleepingComputer
2
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks The Hacker News
3
Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs The Record
4
Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit The Hacker News
5
CISA Exposes Secrets, Credentials in 'Private' Repo Dark Reading
6
Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches CyberScoop
7
7-Eleven confirms data breach claimed by the ShinyHunters gang BleepingComputer
8
Grafana breach caused by missed token rotation after TanStack attack BleepingComputer
9
Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack SecurityWeek