Cosmos DB users advised to regenerate their keys following serious vulnerability

Thousands of organizations using the Cosmos DB service on Microsoft Azure need to regenerate their primary read-write keys after researchers found a vulnerability that would have given external attackers access to copy, delete or modify data stored in databases. Microsoft fixed the vulnerability on the server-side and said they’ve seen no evidence of data being accessed by unauthorized parties, but the researchers who found the flaw and the US Cybersecurity and Infrastructure Security Agency (CISA) recommend that all Cosmos DB users who had the Jupyter Notebook feature enabled rotate their keys.