Microsoft has announced plans to improve the security of Entra ID authentication by blocking unauthorized script injection attacks starting a year from now.
The update to its Content Security Policy (CSP) aims to enhance the Entra ID sign-in experience at „login.microsoftonline[.]com“ by only letting scripts from trusted Microsoft domains run.
„This update strengthens security and adds an extra
https://thehackernews.com/2025/11/microsoft-to-block-unauthorized-scripts.html