CSOonline

Attacker uses the Azure Serial Console to gain access to Microsoft VM

Using the access to virtual machines the attackers employed malicious use of the Serial Console on Azure Virtual Machines to install third-party remote management software within client environments.
Ars Technica

SuperMicro, IPMI, and Java

Obviously there are workarounds to this, running the web client in a virtual machine that only talks on a VPN, etc. But it seems like every new release of their firmware increases the number of ...