Microsoft admits a validation issue in its code that enabled China-based hackers to forge authentication tokens, granting unauthorized access.
— Read on thehackernews.com/2023/07/microsoft-bug-allowed-hackers-to-breach.html
Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens