#actor-tokens

[ follow ]
#entra-id #cve-2025-55241 #azure-ad-graph-api #microsoft-entra-id #azure-ad-graph #cross-tenant-impersonation
Information security
fromIT Pro
14 hours ago

A terrifying Microsoft flaw could've allowed hackers to compromise 'every Entra ID tenant in the world'

A critical Entra ID vulnerability (CVE-2025-55241) could have allowed cross-tenant full administrative compromise via undocumented 'Actor' tokens and Azure AD Graph API validation flaws.
Information security
fromTechzine Global
3 days ago

Dutch hacker: all Microsoft Entra ID tenants at risk

A critical Microsoft Entra ID vulnerability allowed full access to every tenant worldwide due to undocumented impersonation tokens and an Azure AD Graph validation error.
[ Load more ]