Actor auth tokens gave Global Admin access across Azure Entra ID tenants

"Since the Azure AD Graph API is an older API for managing the core Azure AD / Entra ID service, access to this API could ...
Businessworld

Tenable Research Finds Jumpstart Environments For Azure Arc Using Improper Logging Utilities

Tenable Research has found that the Jumpstart environments for Microsoft’s Azure Arc do not properly use logging utilities common amongst other Azure services. This leads to potentially sensitive ...
Techzine Europe

Dutch hacker: all Microsoft Entra ID tenants at risk

Dutch security researcher Dirk-jan Mollema discovered a critical vulnerability in Microsoft Entra ID that allowed full access ...