Browsing Tag
Microsoft Entra
3 posts
Millions of Microsoft Entra Accounts Targeted in OAuth Client ID Spoofing Campaigns
Proofpoint details how attackers spoof OAuth client IDs to probe Microsoft Entra accounts, test credentials and bypass common sign-in detections at cloud scale.
July 14, 2026
Microsoft Entra Agent ID Flaw Enabled Tenant Takeover via Privilege Escalation
Microsoft Entra Agent ID flaw allowed privilege escalation and tenant takeover via Service Principal abuse, now fully patched by Microsoft.
April 26, 2026
Microsoft Entra Design Lets Guest Users Gain Azure Control, Researchers Say
Researchers reveal how guest accounts with billing roles can create Azure subscriptions inside external tenants, gaining unexpected Owner access and opening hidden privilege risks.
May 28, 2025