Semperis has discovered a critical vulnerability in Microsoft Entra ID, dubbed nOAuth, that affects an estimated 10% of SaaS applications globally.
The flaw allows attackers to perform full account takeovers with minimal effort, bypassing key security controls such as MFA and zero-trust architecture.
Over 15,000 of the roughly 150,000 SaaS apps worldwide could be affected, posing a significant threat to data security and privacy.
SaaS vendors are advised to patch affected apps promptly to reduce the risk of exploitation, since prevention and detection of this attack are currently difficult.