Summary:
- Researchers from the cybersecurity firm Wiz have discovered a critical vulnerability in Microsoft Azure that could allow attackers to gain unauthorized access to customer data and resources.
- The vulnerability, dubbed "ChaosDB," is a complex flaw in the Cosmos DB serverless database service that could be exploited to steal access keys and gain full administrative control over Cosmos DB instances.
- Microsoft has acknowledged the issue and has taken steps to mitigate the vulnerability, including automatically rotating access keys for all Cosmos DB customers to prevent potential exploitation.