Bleeping Computer

Microsoft overhauls security for publishing Edge extensions

Microsoft has introduced an updated version of the "Publish API for Edge extension developers" that increases the security for developer accounts and the updating of browser extensions. When first ...
Dark Reading

Critical Azure Entra ID Flaw Highlights Microsoft IAM Issues

A critical Microsoft authentication vulnerability could have allowed a threat actor to compromise virtually every Entra ID tenant in the world. The elevation of privilege (EoP) vulnerability, tracked ...
Forbes

Critical 10/10 Microsoft Cloud Security Vulnerability Confirmed

Update, May 11, 2025: This story, originally published May 9, has been updated with more details on the move towards greater cloud Common Vulnerabilities and Exposures (CVE) transparency by both ...
Bleeping Computer

Microsoft Entra ID flaw allowed hijacking any company's tenant

A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every company in the world. The fatal mix included undocumented tokens called “actor ...
Dark Reading

4 Main API Security Risks Organizations Need to Address

Security vulnerabilities in the application programming interfaces (APIs) powering modern digital services and applications have emerged as a major threat to enterprise systems and data. A recent ...