Bleeping Computer

Microsoft fixes critical Azure CLI flaw that leaked credentials in logs

Microsoft has fixed a critical security vulnerability that could let attackers steal credentials from GitHub Actions or Azure DevOps logs created using Azure CLI (short for Azure command-line ...
Bleeping Computer

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...
IT News For Australia Business

Azure CLI credential leak part of Microsoft's monthly patch rollup

Microsoft’s regular patch day includes patches for zero-days and bugs already under exploitation, along with three vulnerabilities rated critical. One of the critical vulnerabilities, CVE-2023-36052, ...