Seems to be this Proofpoint blogpost about a phishing campaign:

https://www.proofpoint.com/us/blog/cloud-security/community-...

being blown out of proportions by a series of obscure news websites exaggerating each other's stories.

Edit: for a real interesting Microsoft security disaster (not exploited in the wild AFAIK) check out ChaosDO by Wiz:

https://www.wiz.io/blog/chaosdb-explained-azures-cosmos-db-v...

This is really shoddy reporting. The title says Azure data breach whereas the attack is a phishing campaign targeting Office 365. Being a phishing campaign, it is unclear which components of Azure/Microsoft were instrumental in the attack. And the article goes on to make irrelevant allusions to Microsoft's negligent cybersecurity practices. This is such bad reporting that I wonder whether it is done with incompetence or malfeasance.

Microsoft should be considered a threat to national security, particularly in the US. Their clear disregard for product quality at this point is beyond measure and requires government intervention.

> These links led to phishing websites but the anchor text of these links was “View Document”.

Fucking noobs.