#Entra ID
7 stories taggedEntra ID.

Azure CLI Under Sustained IPv6 Password Spray; 78 Tenants Breached
Automated spray campaign from a single ASN burned through 81 million auth attempts in two weeks, hitting az login endpoints from an unusual IPv6 range.

Device Code Phishing Is Eating MFA. Behavioral Detection Is the Backstop.
Token theft and consent-grant abuse sidestep the second factor entirely. Defenders are leaning on anomaly detection because the login looks legitimate.

A Dev Flag Left Microsoft Account Tokens Exposed Across Billions of Android Installs
A single misconfigured development setting bypassed token-protection controls in Microsoft's Android apps. The blast radius was massive.

Microsoft Wires Agentic AI Into Edge for Business — With an Audit Leash Attached
A limited preview of Edge for Business introduces Copilot-driven task automation alongside Microsoft Purview controls that log, filter, and block sensitive data before it leaves the tenant.

Kali365 Phishing Kit Hijacks Microsoft OAuth Tokens to Silently Bypass MFA
The FBI has flagged a device-code phishing campaign powered by Kali365, a toolkit that steals OAuth tokens tied to Microsoft 365 accounts without ever touching a user's password.

Microsoft Skips a Zero-Day for the First Time in Two Years. Nobody Wants to Talk About Why.
118 fixes shipped, none under active exploit, and a quiet Anthropic project keeps surfacing in vendor briefings. Microsoft, Apple and Oracle declined to discuss it on the record.

FBI flags Kali365, the latest phishing kit pitched at draining Microsoft 365 tenants
The bureau says the subscription-priced service abuses OAuth device-code flows to lift session tokens and walk straight past MFA.