Identity

• Azure Sign-In Log Bypasses: When 'Check the Logs' Isn't Enough March 20, 2026

  TrustedSec has now found four Azure Entra ID sign-in log bypasses since 2023. The latest two returned fully functioning tokens without any log entry. All are patched -- but organisations that relied on sign-in logs for detection need to reassess what they might have missed. Here's the pattern, the detection opportunity, and what to do.

• Wikipedia Went Read-Only. One Dormant Script Did It. March 6, 2026

  On 5 March 2026, a malicious JavaScript dormant for 18 months on Russian Wikipedia caused mass page deletions and took Wikimedia offline for two hours. The real lesson is about privileged roles, trusted code execution paths, and blast radius.