https://cybercrime.club/tags/service-principal/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usTue, 28 Apr 2026 11:09:37 -0400https://cybercrime.club/posts/entra-agent-id-administrator-cve-2026-35431-service-principal-takeover/Tue, 28 Apr 2026 11:09:37 -0400https://cybercrime.club/posts/entra-agent-id-administrator-cve-2026-35431-service-principal-takeover/A built-in Entra ID role meant to manage AI agents could be used to take ownership of any service principal in the tenant — including Global Administrator-equivalent ones — and authenticate as it. Microsoft patched cloud-side on April 9; Silverfort published technical details April 27.cloud-security