Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
GitHub

virtual_machine_data_disk_attachment.html.markdown

If both are used against the same Virtual Machine, spurious changes will occur. -> Note: only Managed Disks are supported via this separate resource, Unmanaged Disks can be attached using the ...
GitHub

key_vault_secret.html.markdown

Read more about sensitive data in state. ~> Note: The Azure Provider includes a Feature Toggle which will purge a Key Vault Secret resource on destroy, rather than the default soft-delete.