Neural Newscast
Neural Newscast
Neural Newscast
Microsoft 365 Hit by 81 Million Login Attempts [Prime Cyber Insights]
3 minutes Posted Jul 3, 2026 at 2:35 pm.
Introduction
Microsoft 365 Credential Spray Analysis
The ARToken and ConsentFix Threat
Privacy Gaps and Corporate Breaches
Conclusion
0:00
3:55
Download MP3
Show notes
This briefing analyzes a massive surge in automated attacks against Microsoft 365, featuring 81 million password-spraying attempts targeting 64 organizations. We break down the technical exploitation of the Resource Owner Password Credentials (ROPC) OAuth mechanism, which allowed attackers to bypass multi-factor authentication due to misconfigured Conditional Access policies. The episode also explores the discovery of the ARToken Phishing-as-a-Service platform, an affiliate of EvilTokens that uses AI to automate business email compromise. Additionally, we cover the 'ConsentFix' technique that hijacks sessions in seconds and a lingering vulnerability in Apple's 'Hide My Email' feature that remains unfixed over a year after disclosure. Finally, we review the Medtronic data breach notification following an intrusion by the ShinyHunters group that compromised 9 million records.