The Entra ID Vulnerability That Could Have Compromised Every Microsoft 365 Tenant
CVE-2025-55241 scored a perfect 10.0 CVSS and allowed attackers to impersonate any user, including Global Admins, across tenants without triggering MFA or leaving audit trails. Here is what happened, why it matters, and what your team should do now.
TrueConfig TeamFeb 6