Conditional Access
The latest Conditional Access coverage — news, analysis, and updates from the WindowsNews.AI desk.
How Attackers Are Using Microsoft’s Own Login Page to Hijack Your 365 Account
A new phishing toolkit can break into Microsoft 365 accounts without stealing a single password, and it does so by exploiting a legitimate Microsoft sign-in workflow. The attack, detailed in research...
Microsoft Pulls Plug on RHEL 8 Intune Support: July 2026 Deadline Sets Migration Clock Ticking
Microsoft will drop Intune management support for Red Hat Enterprise Linux 8 desktops on July 24, 2026, according to an advisory posted to the Microsoft Intune admin center yesterday. The decision...
Intune to Automate AI Agent Compliance: Windows Devices Face Blocks for Unauthorized Tools
Microsoft will soon give IT administrators a powerful new weapon to stop users from running unapproved local AI assistants on company machines. A freshly posted entry on the Microsoft 365 roadmap...
81 Million Login Attempts Later: How Azure CLI Password Spraying Bypassed MFA and What You Must Fix
On June 12, 2026, attackers launched a massive password-spray campaign against Microsoft Azure CLI accounts, generating over 81 million login attempts and compromising 78 accounts across 64...
Microsoft Previews Context-Driven Conditional Access for Windows 365 Cloud PC Redirections
Microsoft has rolled out a public preview of context-based redirections for Windows 365, giving IT administrators dynamic control over data flows to and from cloud PCs. The feature, which entered...
Huntress Managed ISPM Now Generally Available, Hardening Microsoft 365 Identities for MSPs
Managed service providers (MSPs) now have a new weapon in the escalating battle against identity-based attacks targeting Microsoft 365 tenants. Huntress announced the general availability of its...
Microsoft to Block Rooted and Jailbroken Devices from Entra Work Accounts via Authenticator by Mid-2026
Starting soon, Microsoft Authenticator will begin warning users with rooted Android phones or jailbroken iPhones that their devices are unsupported for work or school accounts, with full enforcement...
UK SMEs face 2026 deadline to adopt living Microsoft 365 security baselines
Microsoft’s security baselines are undergoing a fundamental transformation that will reshape how UK small and medium-sized enterprises (SMEs) secure their Microsoft 365 tenants. By 2026, the...
Microsoft Flips the Switch on Context-Based Redirection for Windows 365 and AVD
Microsoft has put context-based redirection policies for Windows App into public preview, giving IT administrators a powerful new lever to tighten security for Windows 365 and Azure Virtual Desktop....
FBI Warns Kali365 Phishing Kit Exploits Microsoft Device Code Flow to Slip Past MFA
The FBI’s Internet Crime Complaint Center (IC3) issued an urgent alert in May 2026 about Kali365, a newly identified phishing‑as‑a‑service platform that is systematically hijacking Microsoft...
Microsoft 365 Baseline Security Mode: One-Click Hardening with Legacy Exclusions
Microsoft has quietly rolled out Baseline Security Mode, a new opt-in feature in the Microsoft 365 admin center that allows organizations to apply a comprehensive set of security recommendations with...
MSPs Combat Microsoft 365 Configuration Drift to Stop Silent Security Erosion
When a mid-sized accounting firm underwent a routine cyber insurance assessment, the results shook the IT director. The company’s Microsoft 365 environment, initially configured with strict...