In July 2025, the cybersecurity world was rocked by security researcher Dirk-jan Mollema’s unveiling of a catastrophic vulnerability within Microsoft Entra ID. This was no ordinary flaw; it was a ...

Microsoft is tightening security around its Entra ID sign-in process by blocking external script injection, a move that could force some orgs to rethink their browser extension strategies. The update, ...

As AI agents proliferate, IT departments need visibility. Microsoft is giving agents the same deference as humans. Microsoft Entra now helps govern every agent's activities. The array of AI-related ...

Microsoft is rolling out public preview support for Entra ID authentication for RDP connections directly inside the Azure portal. For years, Azure Bastion has offered secure RDP and SSH access, but ...

This module was created in order to eliminate the need to build authentication into each and every other module that talks to Entra ID. Instead of having 10 different modules, each with different ...

Facepalm: Microsoft Entra ID, formerly known as Azure Active Directory, is a cloud-based identity and access management solution. The directory-based system provides authentication for nearly all ...

A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant.

A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every company in the world. The fatal mix included undocumented tokens called “actor ...

Though patched, the flaw underscores systemic risks in cloud identity systems where legacy APIs and invisible delegation mechanisms can be exploited without detection, prompting calls for stronger ...

As businesses around the world have shifted their digital infrastructure over the last decade from self-hosted servers to the cloud, they’ve benefitted from the standardized, built-in security ...