Microsoft account-hijacking hole closed 48 hours after bug report

by
from The Register on (#19C9W)
Story ImageToken-harvesting attack meant one login could open doors to multiple Microsoft services

British researcher Jack Whitton has reported a Microsoft account hijacking authentication bug that would have been another arrow in an attacker's phishing quiver, save for the fact that Microsoft fixed it."

External Content
Source RSS or Atom Feed
Feed Location http://www.theregister.co.uk/headlines.atom
Feed Title The Register
Feed Link https://www.theregister.com/
Feed Copyright Copyright © 2026, Situation Publishing
Reply 0 comments