Microsoft quietly fixed the elevation of privilege flaw in June.
The Azure OMI vulnerability (CVE-2021-38647) is under attack by several threat actors, including the Mirai botnet operators.
Attackers are cross-checking stolen Office 365 credentials on Azure Active Directory in real-time after victims type them into a malicious phishing page, researchers from Armorblox said.