Hosted on MSN

One token to pwn them all: Entra ID bug could have granted access to every tenant

A security researcher claims to have found a flaw that could have handed him the keys to almost every Entra ID tenant worldwide ... in the legacy Azure Active Directory Graph API that did not properly ...
IT News For Australia Business

Actor auth tokens gave Global Admin access across Azure Entra ID tenants

A Dutch security researcher has published an indepth analysis of a critical vulnerability that could have allowed attackers to compromise every Microsoft Entra ID tenant worldwide through a ...