TechRadar

This serious Microsoft Entra flaw could have let hackers infiltrate any user, so patch now

Actor tokens allowed cross-tenant impersonation without logging or security checks CVE-2025-55241 enabled Global Admin access via deprecated Azure AD Graph API Microsoft patched the flaw in September ...