Microsoft takes pains to obscure role in 0-days that caused email breach
arstechnica.com
"We don’t have any evidence that the actor exploited a 0day." the compromise resulted from three exploited vulnerabilities in either its Exchange Online email service or Azure Active Directory, an identity service that manages single sign-on and multifactor authentication for large organizations. Mi