OAuth vulnerability threatens Azure accounts

There is a vulnerability in specific Microsoft OAuth 2.0 applications that could let an attacker gain access and control of a victim’s Azure account.

The flaw was found by Cyberark researchers who noticed that many white-listed OAuth applications, at least 54, automatically trust domains and sub-domains that are not registered

...continue reading...

Source: SC Magazine / Article: "OAuth vulnerability threatens Azure accounts"