Dark Reading

Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover

A disabled security setting meant to protect authentication across Android versions of key apps paved the way for attackers ...

Microsoft 365 Android Apps Had a Token Flaw IT Teams Should Check Now

Microsoft patched a Microsoft 365 Android flaw that exposed account tokens across six apps. Here’s what IT teams should check ...
Redmondmag.com

Microsoft 365 Android Coding Error Put Account Tokens at Risk

A coding error in several Microsoft 365 Android apps could have allowed a malicious app on the same device to silently obtain account tokens and act as the signed-in user, according to new research ...
Neowin

Microsoft has an update on Exchange Online Basic Auth removal for Office 365Microsoft has an update on Exchange Online Basic Auth removal for Office 365Microsoft has an update ...

Back in 2022, Microsoft announced the retirement of Basic Authentication as it was moving to modern OAuth 2.0 token-based authentication. The reason was simple, to move away from such simple ...
Android

Billions of Microsoft Apps Users Were Left Vulnerable to Account Hack: Here's How

Security researchers at Enclave have detailed “FlagLeft,” a critical vulnerability affecting six Microsoft 365 apps on Android, including Word, Excel, and Copilot. The issue stemmed from a single ...