Topic: tenant compromise

Sort by: Relevance | Date
  • Microsoft Entra ID Flaw Let Attackers Hijack Company Tenants
    September 27, 2025
    94%

    Microsoft Entra ID Flaw Let Attackers Hijack Company Tenants

    A critical vulnerability (CVE-2025-55241) in Microsoft's Entra ID could have allowed attackers to gain full control over an organization's tenant by exploiting unsigned "actor tokens" and a weakness in the Azure AD Graph API. The flaw enabled attackers to impersonate any user, escalate privileges...

    Read More »
  • Microsoft's Entra ID Flaws: A Near-Catastrophic Security Risk
    September 21, 2025
    90%

    Microsoft's Entra ID Flaws: A Near-Catastrophic Security Risk

    Security researcher Dirk-jan Mollema discovered two severe vulnerabilities in Microsoft’s Entra ID that could have allowed attackers to gain global administrator privileges across nearly all Azure customer environments. The flaws enabled an attacker to impersonate any user in any tenant, potentia...

    Read More »
  • Microsoft Entra ID Flaw: The Critical Security Risk You Can't Ignore
    September 18, 2025
    63%

    Microsoft Entra ID Flaw: The Critical Security Risk You Can't Ignore

    Security researcher Dirk-jan Mollema discovered two critical vulnerabilities in Microsoft Entra ID that could allow attackers to gain global administrator privileges across nearly all customer tenants. The flaws, involving legacy components like the Access Control Service and Azure Active Directo...

    Read More »

Related Topics

cloud security (50) privilege escalation (32) security research (21) microsoft azure (6) vulnerability discovery (3) entra id (3) global administrator (2) digital infrastructure (32)