Product
Attackers are leveraging first-party Microsoft applications in Entra ID to conduct OAuth phishing attacks, bypassing traditional consent prompts and accessing sensitive resources like Microsoft Graph and legacy Azure AD.