Massive Chinese-Linked Botnet Targets Microsoft 365 Authentication Vulnerability

A sophisticated botnet of 130,000+ compromised devices is exploiting Microsoft 365's basic authentication to bypass MFA protections. The password-spraying campaign, potentially linked to Chinese threat actors, targets non-interactive sign-ins across multiple sectors globally.