CVE-2026-59208, a JWT matching flaw that could log users into another issuer’s account on affected multi-issuer Enterprise ...
Intruder built an AI-powered "vulnerability vending machine" that combines code slicing with LLMs to automatically discover ...
OAuth client ID spoofing lets attackers test Entra accounts and stolen passwords without successful sign-ins, leaving ...
Microsoft Threat Intelligence identified threat actor activity with overlapping tradecraft commonly associated with ...
New research reveals cyber-attackers can spoof OAuth Client IDs in Microsoft Entra ID, creating a stealthy path into cloud ...
A technical walkthrough of the kerberoasting attack: the Kerberos quirk it abuses, RC4 vs AES, and how to detect and fix it ...