Microsoft Entra Agent ID Flaw Enabled Tenant Takeover via Privilege Escalation
Microsoft Entra Agent ID flaw allowed privilege escalation and tenant takeover via Service Principal abuse, now fully patched by Microsoft.
More results...
Microsoft Entra Agent ID flaw allowed privilege escalation and tenant takeover via Service Principal abuse, now fully patched by Microsoft.
A severe scoping vulnerability was recently discovered in Microsoft Entra ID’s new Agent Identity Platform. The security flaw allowed users assigned the Agent ID Administrator role to hijack arbitrary service principals across an organizationR…
In this Help Net Security interview, Kaja Ciglic, Senior Director, Cybersecurity Policy and Diplomacy at Microsoft, discusses how nation-state cyber programs have changed over three years. Cyber has become a core instrument of state power, integrated w…
A newly identified cyber threat group, UNC6692, is using a clever mix of social engineering and custom malware to infiltrate corporate networks. By impersonating IT helpdesk personnel on Microsoft Teams, these hackers trick employees into downloading a…
Microsoft OneDrive’s recent updates focus on improving intelligence, collaboration, and administrative control. “Last year, we made a promise: your files should work for you, not the other way around. That meant reimagining OneDrive not just as a place…
More than 1,370 Microsoft SharePoint servers remain publicly exposed to an actively exploited spoofing vulnerability, putting countless corporate networks at severe risk. Identified by threat intelligence researchers at The Shadowserver Foundation, the…
Microsoft has issued an emergency out-of-band security update to address a severe vulnerability within the .NET framework. The critical release of .NET 10.0.7 patches an Elevation of Privilege flaw that inadvertently surfaced after a recent routine sys…
Microsoft vulnerabilities hit a record high while critical flaws decline, BeyondTrust report reveals rising risks across Windows, Office, and Azure systems.
Microsoft has rolled out Windows 11 Insider Preview Build 26300.8170 to the Dev Channel, bringing crucial updates for system security and storage management. Announced by the Windows Insider Program Team on April 10, 2026, this release delivers enhance…
Microsoft has confirmed a critical known issue affecting Windows Server 2025 domain controllers after deploying the April 2026 cumulative update KB5082063 (OS Build 26100.32690), released on April 14, 2026. Affected domain controllers are entering repe…