The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments.
"Unlike traditional on-premises ransomware, where the threat actor typically deploys malware to encrypt critical files across endpoints within the compromised network and then negotiates for a decryption key,



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/08/storm-0501-exploits-entra-id-to.html