Microsoft warns hackers are exploiting password resets to gain access to user accounts - here's how to stay safe
Microsoft has issued a warning about a hacking group named Storm-2949 that is exploiting the password reset feature in its services. The group uses social engineering tactics to trick victims into approving multi-factor authentication prompts, allowing them to reset passwords and access sensitive information. Microsoft advises users to implement stricter role-based access controls and monitor high-risk operations to mitigate these attacks.
- ▪Storm-2949 is abusing the Self-Service Password Reset flow to hijack accounts.
- ▪Attackers trick victims into approving MFA prompts via phone calls before resetting passwords.
- ▪The campaign targets Microsoft 365 and Azure environments, prompting Microsoft to recommend tighter security measures.
Opening excerpt (first ~120 words) tap to expand
Pro Security Microsoft warns hackers are exploiting password resets to gain access to user accounts - here's how to stay safe News By Sead Fadilpašić published 20 May 2026 Storm-2949 is engaged in a "methodical, sophisticated, and multi-layered" campaign When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. (Image credit: Shutterstock / JarTee) Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Microsoft researchers warn Storm‑2949 is abusing the Self‑Service Password Reset flow to hijack accountsAttackers trick victims into approving MFA prompts via phone calls, then reset passwords and…
Excerpt limited to ~120 words for fair-use compliance. The full article is at TechRadar.
Discussion
0 commentsMore from TechRadar
