Semperis, a provider of AI-powered identity security and cyber resilience, released new research into nOAuth known vulnerability in Microsoft’s Entra ID that enables full account takeover in vulnerable SaaS apps with minimal attacker effort, posing a severe risk to enterprises relying on cross-tenant Entra integrations.
Eric Woodruff, Semperis’ Chief Identity Architect, presented his findings this week at the Troopers 2025 in Heidelberg, Germany.
