Azure flaw left Bing results editable and MS 365 accounts exposed

A misconfiguration in Microsoft’s Azure Active Directory (AAD) could have allowed miscreants to subvert Microsoft’s Bing search engine – even changing search results. User information including Outlook emails, calendars and Teams messages was also vulnerable.

You can read the full article here.