Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
Muromec
on Sept 29, 2023
|
parent
|
context
|
favorite
| on:
Everything authenticated by Microsoft is tainted
The worst part of the story to me is β- those were not even the right keys, those were something issued to a client and scoped, but scoping check was broken. Itβs unbelievably bad all around
ShadowRegent
on Sept 29, 2023
[β]
Close, but not quite. The keys were for consumer Microsoft accounts, but accepted for organization accounts as well.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
