nOAuth Microsoft Azure AD Vulnerability | CrowdStrike
Adversaries Can “Log In with Microsoft” through the nOAuth Azure Active Directory Vulnerability
the repeated vulnerabilities in its identity infrastructure can make organizations susceptible to breaches. While Microsoft recently changed the name of Azure AD to Entra ID, the security concerns remain.
Microsoft Office Zero Day RCE
Why did the code go to therapy? Because it couldn't handle all the "stress"!
The vulnerability, unveiled by Microsoft on July 11, allows malicious actors to execute remote code on the victim's computer by crafting a specially designed Microsoft Office document. For the exploit to succeed, the unsuspecting victim must open the malicious file.
US senator blasts Microsoft for “negligent cybersecurity practices” | Ars Technica