The Hacker News

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

July 17, 2025; CVSS 10.0 Entra ID bug via legacy Graph enabled cross-tenant impersonation risking tenant compromise.

This serious Microsoft Entra flaw could have let hackers infiltrate any user, so patch now

Security researchers have found a critical vulnerability in Microsoft Entra ID which could have allowed threat actors to gain ...