Live Cybersecurity News Ticker | Codekeeper

Microsoft Patches Entra Role Flaw That Let Hackers Hijack Service Principals

Written by Content Team | Apr 26, 2026 12:17:50 PM

A critical vulnerability in Microsoft's Entra Agent Identity Platform allowed attackers to hijack powerful service principals across an entire tenant. The Agent ID Administrator role, intended only for managing AI agent identities, had a scoping gap that let users assign themselves ownership of unrelated, high-privileged service principals, generate new credentials for them, and fully compromise environments. Discovered by Silverfort researchers, the flaw was patched by Microsoft across all cloud environments as of April 2026. Security teams should still review audit logs for suspicious ownership or credential changes on service principals, and treat privileged service principals as critical infrastructure going forward.

Source: Cybersecurity News