Hackers have been exploiting the TeamFiltration framework to launch password spraying attacks against over 80,000 Microsoft Entra ID accounts across hundreds of organizations since December 2024. The threat actor, known as UNK_SneakyStrike, has successfully compromised multiple accounts, particularly peaking on January 8 with 16,500 accounts targeted in one day. Organizations are advised to implement detection measures and enable multi-factor authentication to mitigate these attacks.