Microsoft Entra is a technology platform tracked across 25 threat clusters and 33 intelligence report mentions on ThreatCluster. First observed November 5, 2025; most recent activity July 17, 2026.
On March 11, 2026, medical technology firm Stryker experienced a significant cyberattack attributed to the Iran-linked hacking group Handala. The attack exploited vulnerabilities in Stryker's Microsoft Intune endpoint…
A critical scoping vulnerability was identified in Microsoft Entra ID's Agent Identity Platform, enabling users with the Agent ID Administrator role to hijack arbitrary service principals within an organization's…
Cybercriminals are increasingly using OAuth client ID spoofing to conduct account enumeration against Microsoft Entra, the identity management service. This method allows attackers to infer username and password…
Recent assessments reveal significant vulnerabilities in Microsoft 365 environments, with identity-based attacks accounting for 79% of critical incidents. A demonstration showed how a fictional user, 'Standard Steve,'…
A security researcher, known as BobDaHacker, exploited a vulnerability in FIFA's backend API by registering as a player agent, which granted her unauthorized access to internal systems. This flaw allowed full control…
Zara experienced a data breach affecting over 197,000 customers, attributed to the ShinyHunters extortion group. The breach involved a compromise of the Anodot analytics platform, leading to the theft of unique email…
A misconfigured server in Budapest has exposed a phishing operation targeting Microsoft 365 users. The server was running a Python HTTP server with directory listing enabled, allowing access to phishing configurations…
Since April 2026, a threat actor identified as O-UNC-066, also known as 'Pink', has been executing a vishing campaign aimed at Microsoft 365 users. The campaign exploits a new passkey enrollment feature introduced by…
On April 1, 2026, Chime Financial's mobile app experienced a significant outage attributed to a cyberattack by the pro-Iranian hacker group Team 313. Customers reported being unable to access their accounts, leading to…
In early April 2026, Charter Communications suffered a data breach affecting 4.9 million accounts, attributed to the ShinyHunters extortion gang. The attackers accessed an employee's Microsoft Entra account via a voice…