security: Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise
Microsoft Security Blog
2026-05-12
Microsoft Incident Response describes an intrusion that used legitimate administrative mechanisms and a third-party compromise to stay hidden. The attack avoided noisy exploits and obvious malware by abusing trusted systems already present in the environment.