Hackers are using this sneaky exploit to bypass Microsoft's multi-factor authentication

Attackers guessed the password of a dormant account and were able to apply their own MFA to it - providing access to the victim's network.