Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

/in

A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant.
The vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilege escalation flaw in Azure Entra. There is no

The Hacker News – ​Read More

A Cyberattack on Jaguar Land Rover Is Causing a Supply Chain DisasterA Cyberattack on Jaguar Land Rover Is Causing a Supply Chain DisasterFortra Patches Critical GoAnywhere MFT Vulnerability