<ul><li>Cybersecurity researchers were able to hijack Microsoft's Bing search engine and inject code that could have stolen Office 365 data from millions of customers.</li><li>The researchers found that a common Azure configuration allowed them to log into a content management system that controlled Bing search results.</li><li>They were able to inject scripts into Bing queries and hit an Office 365 API, which allowed them to take an authentication token and access sensitive data from millions of users.</li><li>Microsoft updated Azure Active Directory to prevent this issue and urged developers to review authorization logic.</li></ul>

Here's how hackers hijacked Bing results

Discover more