Hackers Abuse Microsoft Entra ID Accounts to Exfiltrate Microsoft 365 and Azure Data

A compromised version of the widely used Nx Console VS Code extension was published to the Visual Studio Code Marketplace on May 18, 2026, silently targeting developer credentials, cloud infrastructure tokens, and CI/CD pipeline secrets across thousands of machines. The incident marks the second supply chain attack against the Nx ecosystem in under a year, […] The post Hackers Abuse Microsoft Entra ID Accounts to Exfiltrate Microsoft 365 and Azure Data appeared first on Cyber Security News.