The Hacker News

Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days

Microsoft patches 84 vulnerabilities, including two public zero-days, strengthening defenses against privilege escalation and cloud token theft.
Hosted on MSN

This serious Microsoft Entra flaw could have let hackers infiltrate any user, so patch now

Actor tokens allowed cross-tenant impersonation without logging or security checks CVE-2025-55241 enabled Global Admin access via deprecated Azure AD Graph API Microsoft patched the flaw in September ...