Microsoft Entra - Geek Feed

New CoPhish attack steals OAuth tokens via Copilot Studio agents

October 28, 2025October 28, 2025 geekfeed0Tagged ai, Artificial Intelligence, Copilot, Copilot Studio, Microsoft Copilot Studio, Microsoft Entra, OAuth, OAuth Tokens, phishing

A new phishing technique dubbed ‘CoPhish’ weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests via legitimate and trusted Microsoft domains. The technique was developed by researchers at Datadog Security Labs, who warned in a report earlier this week that Copilot Studio’s flexibility introduces new, undocumented phishing risks. Although CoPhish relies on social […]

5 mins read

Microsoft Entra account lockouts caused by user token logging mishap

April 24, 2025April 24, 2025 geekfeed0Tagged Access Token, Account Lockout, Logging, microsoft, Microsoft Entra

Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens that were mistakenly logged into internal systems. On Saturday morning, numerous organizations reported that they began receiving Microsoft Entra alerts that accounts had leaked credentials, causing the accounts to be locked out automatically. Impacted customers initially thought the account lockouts […]

2 mins read

Widespread Microsoft Entra lockouts tied to new security feature rollout

April 24, 2025April 24, 2025 geekfeed0Tagged Account Lockout, Leaked Credentials, MACE Credential Revocation, microsoft, Microsoft Entra, windows

Windows administrators from numerous organizations report widespread account lockouts triggered by false positives in the rollout of a new Microsoft Entra ID’s “leaked credentials” detection app called MACE. These alerts and lockouts began last night, with some admins believing they were false positives as the accounts have unique passwords that are not used on any […]

2 mins read