Microsoft has awarded an independent security researcher $50,000 as part of its bug bounty program for reporting a flaw that could have allowed a malicious actor to hijack users’ accounts without their knowledge.
Reported by Laxman Muthiyah, the vulnerability aims to brute-force the seven-digit security code that’s sent to a user’s email address or mobile number to corroborate his (or her)Read More – The Hacker News

By |2021-03-03T10:18:47-05:00March 3rd, 2021|