Microsoft Entra ID flaw allowed hijacking any company's tenant

A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every ...

Actor auth tokens gave Global Admin access across Azure Entra ID tenants

A Dutch security researcher has published an indepth analysis of a critical vulnerability that could have allowed attackers ...

This Microsoft Entra ID Vulnerability Could Have Been Catastrophic

A pair of flaws in Microsoft's Entra ID identity and access management system could have allowed an attacker to gain access ...
Security Boulevard

Why Hybrid Windows Environments are Still a Security Blind Spot

Hybrid Windows environments pose a security risk due to outdated identity controls. Relying on static credentials and fragmented visibility, these setups are vulnerable. Modernization with workload ...

Microsoft confirms Azure recovery after undersea cable incident in Red Sea, services back online

Microsoft has confirmed that Azure cloud services are now functioning normally after disruptions caused by damage to undersea cables in the Red Sea. The company is continuing to monitor and optimise ...
Security Boulevard

Why DevOps Still Struggles with Least Privilege (Even in 2025)

While least privilege remains a fundamental security principle, DevOps teams consistently fail to apply it to non-human identities, like CI/CD pipelines and applications. This struggle stems from a ...
SDxCentral

Microsoft AKS Automatic looks to slash the ‘Kubernetes tax’

Brendan Burns, corporate VP for Azure Compute at Microsoft and co-founder of the Kubernetes open source project while at ...
CSO Online

VoidProxy phishing-as-a-service operation steals Microsoft, Google login credentials

If a victim is unwise enough to enter their primary Microsoft or Google credentials on the phishing page, the data is sent to ...