Wiz's investigation of the security incident disclosed by Microsoft and CISA and attributed to Chinese threat actor Storm-0558, found that the incident seems to have a broader scope than originally assumed potentially impacting also Teams, SharePoint, custom apps and more. Organizations using Microsoft and Azure services should take steps to assess potential impact.

Researchers from Wiz were able to manipulate Bing.com search results and access customer data due to a simple AAD misconfiguration