SecurityWeek

Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk

Six Microsoft 365 Android apps contain an identical flaw that could risk billions of downloads being compromised. The ...
The Hacker News

Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag

Debug flag disabled Microsoft 365 Android token checks, letting untrusted apps access accounts; patches issued May 12 to ...

Microsoft 365 Android Apps Had a Token Flaw IT Teams Should Check Now

Microsoft patched a Microsoft 365 Android flaw that exposed account tokens across six apps. Here’s what IT teams should check ...
Android

Billions of Microsoft Apps Users Were Left Vulnerable to Account Hack: Here's How

Security researchers at Enclave have detailed “FlagLeft,” a critical vulnerability affecting six Microsoft 365 apps on Android, including Word, Excel, and Copilot. The issue stemmed from a single ...
Redmondmag.com

Microsoft 365 Android Coding Error Put Account Tokens at Risk

A coding error in several Microsoft 365 Android apps could have allowed a malicious app on the same device to silently obtain account tokens and act as the signed-in user, according to new research ...