Microsoft Azure cloud container vulnerability allows an attacker to escape their container and compromise other user's containers on the same cloud services by executing malicious code.
Hackers could exploit ProxyToken authentication bypass vulnerability to steal victims’ emails and personally identifiable information from vulnerable Microsoft Exchange servers.
CISA issues urgent alert as threat actors actively exploit ProxyShell vulnerabilities on unpatched Microsoft Exchange servers to execute LockFile ransomware attacks.
Microsoft Azure Cosmos DB cloud databases have had their read-write keys exposed by a flaw that has been present since 2019, allowing an attacker to not just access the contents but also to change or delete them.
Microsoft Power Apps appears to list all data types as public unless the default settings are changed. The data leak exposed several coronavirus tracing and vaccination portals, as well as at least one job applicant database that contained social security numbers.