Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

Service principals

Microsoft fixes Entra ID role flaw that could let users take over service principals

Cloud, News, Research, Vulnerabilities

April 27, 2026

Microsoft fixed an Entra ID role flaw that could let users with the Agent ID Administrator role take over non-agent service principals, add credentials and potentially escalate privileges, according to a Silverfort technical analysis.
China-linked Murky Panda exploits cloud trust to move laterally, CrowdStrike finds

Cloud, Cybercrime, News, Vulnerabilities

August 23, 2025

A CrowdStrike 2025 Threat Hunting Report finds a 136% increase in cloud intrusions, driven by Murky Panda’s use of zero-day exploits and, more notably, their manipulation of trusted cloud relationships to move from SaaS providers into downstream customer environments, with links to a February 2025 breach of Commvault’s Microsoft Azure cloud environment highlighted as a…

About
Editorial Policy
Privacy
Contact