AttackFeed by Joe Wagner | Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag  - The Hacker News

Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag  – The Hacker News

Posted on By [email protected] (The Hacker News) No Comments on Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag  – The Hacker News
Attack Feeds

A development flag left switched on in production builds of several Microsoft 365 Android apps disabled the check that limits account-token sharing to trusted Microsoft apps.

Any other app on the same phone could ask for the signed-in user’s token and get it, then read email, open files, browse the calendar, and send messages as that user. No password, no login screen, no permission prompt.  –

Read More  – The Hacker News 

You may also like

AttackFeed by Joe Wagner | North Korean Lazarus Group Adopts Medusa Ransomware in Global Attacks  - Hackread – Cybersecurity News, Data Breaches, AI and More
Attack Feeds
North Korean Lazarus Group Adopts Medusa Ransomware in Global Attacks  – Hackread – Cybersecurity News, Data Breaches, AI and More
February 24, 2026
AttackFeed by Joe Wagner | CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware  - The Hacker News
Attack Feeds
CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware  – The Hacker News
February 19, 2026
AttackFeed by Joe Wagner | OpenAI expands Trusted Access for Cyber program with new GPT 5.4 Cyber model   - CyberScoop
Attack Feeds
OpenAI expands Trusted Access for Cyber program with new GPT 5.4 Cyber model   – CyberScoop
April 15, 2026
AttackFeed by Joe Wagner | Study Finds ROME AI Agent Attempted Cryptomining Without Instructions  - Hackread – Cybersecurity News, Data Breaches, AI and More
Attack Feeds
Study Finds ROME AI Agent Attempted Cryptomining Without Instructions  – Hackread – Cybersecurity News, Data Breaches, AI and More
March 10, 2026

Leave a Reply