Microsoft Graph - Geek Feed

New GoGra malware for Linux uses Microsoft Graph API for comms

April 24, 2026April 24, 2026 geekfeed0Tagged Cyberespionage, Harvester, linux, malware, Microsoft Graph, outlook

A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy payload delivery. The malware is developed by Harvester, an espionage group believed to be state-baked, and is considered highly evasive due to its use of Microsoft Graph API to access mailbox data. Harvester has been active since at least […]

2 mins read

Microsoft Entra ID flaw allowed hijacking any company’s tenant

September 24, 2025September 24, 2025 geekfeed0Tagged Actor Token, API, Azure Active Directory, Azure AD, CVE-2025-55241, Global Admin, Microsoft Entra ID, Microsoft Graph

A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every company in the world. The fatal mix included undocumented tokens called “actor tokens” and a vulnerability in the Azure AD Graph API (CVE-2025-55241) that allowed the tokens to work with any organization’s Entra ID environment. A […]

6 mins read