Microsoft Threat Intelligence recently uncovered a methodical, sophisticated, and multi-layered attack, where a threat actor we track as Storm-2949 launched a relentless campaign with a singular focus ...

Mark Cuban said people who use AI either use it to learn everything or to avoid learning.Tom Williams/CQ-Roll Call, Inc via Getty Images Mark Cuban says there are two types of people who use AI. Which ...

In July 2025, the cybersecurity world was rocked by security researcher Dirk-jan Mollema’s unveiling of a catastrophic vulnerability within Microsoft Entra ID. This was no ordinary flaw; it was a ...

Actor tokens allowed cross-tenant impersonation without logging or security checks CVE-2025-55241 enabled Global Admin access via deprecated Azure AD Graph API Microsoft patched the flaw in September ...

A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant.

A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every company in the world. The fatal mix included undocumented tokens called “actor ...

Though patched, the flaw underscores systemic risks in cloud identity systems where legacy APIs and invisible delegation mechanisms can be exploited without detection, prompting calls for stronger ...

A critical Microsoft authentication vulnerability could have allowed a threat actor to compromise virtually every Entra ID tenant in the world. The elevation of privilege (EoP) vulnerability, tracked ...

A Dutch security researcher has published an indepth analysis of a critical vulnerability that could have allowed attackers to compromise every Microsoft Entra ID tenant worldwide through a ...

As businesses around the world have shifted their digital infrastructure over the last decade from self-hosted servers to the cloud, they’ve benefitted from the standardized, built-in security ...

If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk. A gap in access control in Microsoft Entra’s subscription handling is allowing guest users to ...