Bleeping Computer

Microsoft still unsure how hackers stole Azure AD signing key

Microsoft says it still doesn't know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen ...
Bleeping Computer

Stolen Microsoft key offered widespread access to Microsoft cloud services

The Microsoft consumer signing key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and Outlook.com accounts that Redmond said were compromised, according ...