The Hacker News

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

July 17, 2025; CVSS 10.0 Entra ID bug via legacy Graph enabled cross-tenant impersonation risking tenant compromise.

This Microsoft Entra ID Vulnerability Could Have Been Catastrophic

A pair of flaws in Microsoft's Entra ID identity and access management system could have allowed an attacker to gain access to virtually all Azure customer accounts.

Microsoft Entra ID flaw allowed hijacking any company's tenant

A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every ...
InfoWorld

What’s next for Azure API Management?

It’s not only our code that needs managing. Modern agentic AI services use APIs to access data, and we need to be sure that access is tightly regulated so that critical and sensitive information doesn ...
CSOonline

Azure API Management flaws highlight server-side request forgery risks in API development

Microsoft recently patched three vulnerabilities in its Azure API Management service, two of which enabled server-side request forgery (SSRF) attacks that could have allowed hackers to access internal ...
CSOonline

Microsoft patches 3 vulnerabilities in Azure API Management

The vulnerabilities comprise url formatting bypasses and an unrestricted file upload functionality in the API Management developer portal, according to cybersecurity firm Ermetic. Microsoft has ...

Napster Partners with Microsoft on Implementation of Azure AI Foundry

The collaboration leverages capabilities within Azure AI Foundry, to power Napster’s embodied AI Companions with instant, video-based interactionsBOCA RATON, Fla., Sept. 25, 2025 (GLOBE NEWSWIRE) -- ...