@theitnerd.ca on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

The IT Nerd

theitnerd.ca

did:plc:4daagiezglabeoyaj3c4lnol

Azure Entra flaw could enable user impersonation Microsoft patched an Azure Entra elevation of privilege flaw (CVE-2025-55241) that appeared minor and required no customer action. But security researcher Dirk-jan Mollema revealed a deeper issue: undocumented "Actor tokens" combined with an Azure… https://itnerd.blog/2025/09/23/azure-entra-flaw-could-enable-user-impersonation/

2025-09-23T20:30:36.010Z