The Jisc Cloud team in conjunction with the Jisc Trust and Identity team has published a post highlighting a potential security risk associated with the default Azure Active Directory (AAD) security settings that are commonly in place across our membership.
If your organisation uses AAD (or plans to use it), then please read this information and/or pass it onto relevant team(s) within your organisation for action as a matter of priority.
Read more at Azure Active Directory – Issues with User Consent (https://cloud.jiscinvolve.org/wp/2021/06/30/azure-active-directory-issues-with-user-consent/)