Hosted on MSN

One token to pwn them all: Entra ID bug could have granted access to every tenant

The issue was fixed and confirmed as mitigated, and a CVE was raised on September 4. It is, however, an alarming vulnerability involving flawed token validation that can result in cross-tenant access.

New rules for authenticating payments beyond SMS OTP to kick-in from April 2026

The RBI will implement new digital payment authentication rules from April 1, 2025, allowing alternatives to SMS OTP while ...