https://www.bleepingcomputer.com/news/security/new-microsoft-365-sign-in-pages-already-spoofed-for-phishing/

Microsoft says that attackers have already adapted their phishing campaigns to use the newly updated design for Azure AD and Microsoft 365 sign-in pages.

"Office 365 ATP data shows that attackers have started to spoof the new Azure AD sign-in page in multiple phishing campaigns," Microsoft tweeted earlier. "We have so far seen several dozens of phishing sites used in these campaigns."