Tag: Azure AD Graph

Introduction A researcher disclosed a chain of two Entra ID issues that, when combined, could have let an attacker gain Global Admin in virtually any tenant – bypassing Conditional Access and logs via Actor tokens and a validation flaw in legacy Azure AD Graph. Microsoft rapidly mitigated the issues in mid-July and later assigned a…