[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBDAtw43vOBX-L56RTkCusmlHBlWQ5w0-VI2XxbXHsEw":3},{"article":4,"iocs":49},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":29,"category":30,"article_tags":33},"92237104-ea4d-4988-aac6-f86c72bc5fc6","Offensive and defensive framework ROADtools is being misused by nation-state actors for cloud att...","offensive-and-defensive-framework-roadtools-is-being-misused-by-nation-state-act-7de0f3","Offensive and defensive framework ROADtools is being misused by nation-state actors for cloud attacks. Understand how to identify the activity that signals its malicious usage, including proactive hunting for anomalous activity: https:\u002F\u002Ft.co\u002Fbq50zF1tFV https:\u002F\u002Ft.co\u002FrIgNdQX2xa","ROADtools, an offensive\u002Fdefensive framework for Azure and Microsoft 365 security testing, is being exploited by nation-state actors to conduct cloud attacks. Security researchers provide guidance on identifying malicious ROADtools usage patterns and recommend proactive hunting techniques to detect anomalous activity associated with the framework's misuse.","Nation-state actors misusing ROADtools framework for cloud infrastructure attacks",null,"https:\u002F\u002Fx.com\u002FUnit42_Intel\u002Fstatus\u002F2058851844726616553","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHJKC020WAAAJtHq.jpg","2026-05-25T10:05:06+00:00","2026-05-25T11:00:05.231591+00:00",7,[18,21,24,26],{"name":19,"type":20},"ROADtools","product",{"name":22,"type":23},"Azure","technology",{"name":25,"type":23},"Microsoft 365",{"name":27,"type":28},"Nation-state actors (unspecified)","threat_actor","6cbdd207-aaa1-4176-9534-e156b125e917",{"id":29,"icon":11,"name":31,"slug":32},"Nation-state","nation-state",[34,39,44],{"category":35},{"id":36,"icon":11,"name":37,"slug":38},"2c8f44d4-b56e-47cf-9677-04f22c9ee78d","Identity & Access","identity-access",{"category":40},{"id":41,"icon":11,"name":42,"slug":43},"c70f3a41-2f0c-4608-870d-b8cbcd8be076","Cloud Security","cloud-security",{"category":45},{"id":46,"icon":11,"name":47,"slug":48},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[50],{"type":51,"value":19,"context":52},"malware","Offensive\u002Fdefensive framework for Azure and Microsoft 365 being misused by nation-state actors for cloud attacks"]