Microsoft on Wednesday revealed that a China-based threat actor known asStorm-0558acquired the inactive consumer signing key to forging tokens to access Outlook by compromising an engineers corporate account. This enabled the adversary to access a debugging environment that contained a crash dump of the consumer signing system that took place in April 2021 and steal the key. A consumer