Microsoft has patched a misconfiguration issue affecting the Azure Active Directory (AAD) identity and access management service that allowed unauthorized access to many “high-impact” applications. The vulnerabilities were reported to Microsoft in January and February 2022, after which the company implemented fixes and gave Wiz a $40,000 bug bounty.
Read full article on Heimdal Security Blog