Critical Microsoft Entra ID Flaw Exposed Global Tenants to Full Takeover
A severe vulnerability in Microsoft Entra ID, combining unsigned 'actor tokens' with a flaw in the deprecated Azure AD Graph API, could have allowed attackers to hijack any organization's tenant with Global Admin privileges. The exploit bypassed logging and security controls, posing a silent threat to millions of cloud identities. Researcher Dirk-jan Mollema uncovered and reported the issue, leading to a swift Microsoft patch.