Microsoft fixes Entra ID flaw enabling privilege escalation
Microsoft fixed a Microsoft Entra ID flaw where the Agent ID Administrator role could enable privilege escalation and account takeover.

Microsoft addressed a flaw in Microsoft Entra ID that could let attackers take over service accounts. The issue involved the Agent ID Administrator role, which manages AI agent identities and access, and could be abused for privilege escalation.
Microsoft’s Agent Identity Platform lets AI agents have identities in Microsoft Entra ID, managed by the Agent ID Administrator role. Researchers found this role could take over any service principal by assigning ownership and adding credentials, enabling full compromise and privilege escalation. Microsoft fixed the issue, restricting the role to only agent-related objects.
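The takeover path described above leaves a recognisable trace in the Entra ID audit log: the same actor first becomes an owner of a service principal and then adds a credential to it. The following detection logic is an added example, not code from Microsoft or from the researchers; it runs over a handful of constructed audit events and flags actors holding the Agent ID Administrator role who perform those two operations on service principals that are not agent identities. The activity names, the field layout of the events and the agent inventory are assumptions for the example and should be mapped to your tenant's real audit export.

```python
"""Hunt Entra ID audit events for the ownership-then-credential pattern on
service principals outside the agent scope.  Every record below is
constructed for this example; field names are simplified from the audit
log schema and are assumptions, not Microsoft's own schema."""
from collections import defaultdict
from datetime import datetime, timedelta

AGENT_ROLE = "Agent ID Administrator"
# Assumed to correspond to the audit log activity display names.
OWNER_ADD = "Add owner to service principal"
CRED_ADD = "Add service principal credentials"

# Constructed role-assignment snapshot: actor -> directory roles held.
ACTOR_ROLES = {
    "agent-admin@contoso.example": {AGENT_ROLE},
    "global-admin@contoso.example": {"Global Administrator"},
}

# Constructed inventory of service principals that really are agent identities.
AGENT_SERVICE_PRINCIPALS = {"sp-agent-copilot-01"}

# Constructed audit events: an in-scope agent being set up, then the same
# actor touching two unrelated service principals, plus an unrelated admin.
SAMPLE_EVENTS = [
    {"time": "2026-04-28T10:00:00", "activity": OWNER_ADD,
     "actor": "agent-admin@contoso.example", "target": "sp-agent-copilot-01"},
    {"time": "2026-04-28T10:02:00", "activity": CRED_ADD,
     "actor": "agent-admin@contoso.example", "target": "sp-agent-copilot-01"},
    {"time": "2026-04-28T10:10:00", "activity": OWNER_ADD,
     "actor": "agent-admin@contoso.example", "target": "sp-billing-api"},
    {"time": "2026-04-28T10:15:00", "activity": CRED_ADD,
     "actor": "agent-admin@contoso.example", "target": "sp-billing-api"},
    {"time": "2026-04-28T10:30:00", "activity": CRED_ADD,
     "actor": "global-admin@contoso.example", "target": "sp-billing-api"},
    {"time": "2026-04-28T11:00:00", "activity": OWNER_ADD,
     "actor": "agent-admin@contoso.example", "target": "sp-hr-sync"},
]


def _ts(event):
    return datetime.fromisoformat(event["time"])


def find_out_of_scope_takeovers(events, actor_roles, agent_sps,
                                window=timedelta(hours=1)):
    """Return one finding per (actor, target) pair where an Agent ID
    Administrator added an owner or a credential to a service principal
    that is not an agent identity.  Severity is 'high' when a credential
    was added within `window` after the ownership change, i.e. the full
    takeover chain, and 'medium' for either step on its own."""
    per_pair = defaultdict(list)
    for ev in events:
        if ev["activity"] not in (OWNER_ADD, CRED_ADD):
            continue
        if AGENT_ROLE not in actor_roles.get(ev["actor"], set()):
            continue  # role scoping is what the fix restored; other roles are out of scope here
        if ev["target"] in agent_sps:
            continue  # legitimate agent object, within the role's intended scope
        per_pair[(ev["actor"], ev["target"])].append(ev)

    findings = []
    for (actor, target), evs in per_pair.items():
        evs.sort(key=_ts)
        owner_times = [_ts(e) for e in evs if e["activity"] == OWNER_ADD]
        cred_times = [_ts(e) for e in evs if e["activity"] == CRED_ADD]
        chained = any(timedelta(0) <= c - o <= window
                      for o in owner_times for c in cred_times)
        findings.append({
            "actor": actor,
            "target": target,
            "activities": [e["activity"] for e in evs],
            "severity": "high" if chained else "medium",
        })
    return findings


if __name__ == "__main__":
    for finding in find_out_of_scope_takeovers(
            SAMPLE_EVENTS, ACTOR_ROLES, AGENT_SERVICE_PRINCIPALS):
        print(finding)
```

On the constructed data this reports `sp-billing-api` as high (ownership followed by a credential five minutes later) and `sp-hr-sync` as medium (ownership only), while the agent object and the Global Administrator's action are not reported. After the fix the role can no longer reach non-agent objects, so any hit from this query on a patched tenant points at a misclassified agent inventory rather than the original flaw.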
