AttackFeed by Joe Wagner | Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag  - The Hacker News

Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag  – The Hacker News

Posted on By [email protected] (The Hacker News) No Comments on Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag  – The Hacker News
Attack Feeds

A development flag left switched on in production builds of several Microsoft 365 Android apps disabled the check that limits account-token sharing to trusted Microsoft apps.

Any other app on the same phone could ask for the signed-in user’s token and get it, then read email, open files, browse the calendar, and send messages as that user. No password, no login screen, no permission prompt.  –

Read More  – The Hacker News 

You may also like

AttackFeed by Joe Wagner | Safe and Inclusive E‑Society: How Lithuania Is Bracing for AI‑Driven Cyber Fraud  - The Hacker News
Attack Feeds
Safe and Inclusive E‑Society: How Lithuania Is Bracing for AI‑Driven Cyber Fraud  – The Hacker News
February 16, 2026
AttackFeed by Joe Wagner | Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit  - The Hacker News
Attack Feeds
Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit  – The Hacker News
March 12, 2026
AttackFeed by Joe Wagner | The CTEM Divide: Why 84% of Security Programs Are Falling Behind  - The Hacker News
Attack Feeds
The CTEM Divide: Why 84% of Security Programs Are Falling Behind  – The Hacker News
February 12, 2026
AttackFeed by Joe Wagner | Nigel Farage’s Russian hack claim ‘without any merit’, former NCSC chief says  - Data and computer security | The Guardian
Attack Feeds
Nigel Farage’s Russian hack claim ‘without any merit’, former NCSC chief says  – Data and computer security | The Guardian
May 25, 2026

Leave a Reply