The Hacker News

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

July 17, 2025; CVSS 10.0 Entra ID bug via legacy Graph enabled cross-tenant impersonation risking tenant compromise.
Bleeping Computer

Microsoft now enforces MFA on Azure Portal sign-ins for all tenants

Microsoft says it has been enforcing multifactor authentication (MFA) for Azure Portal sign-ins across all tenants since March 2025. The company's Azure MFA enforcement efforts were announced in May ...