Dark Reading
1 year, 2 months ago
'Cookie Bite' Entra ID Attack Exposes Microsoft 365
A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens from within a browser, giving threat actors persistent access to key cloud services, including Microsoft 365 applications.