Hackers stole Microsoft signing key from Windows crash dump
Chinese hackers stole a signing key from a Windows crash dump and used it to breach government email accounts, including those of the U.S. State and Commerce Departments, by exploiting a zero-day validation issue in Microsoft's Exchange Online and Azure Active Directory.