When a Dutch researcher glanced at a token stream while preparing a Black Hat talk, he didn’t just find a bug—he found a fault line in the foundations of cloud identity that could have allowed a single click to flip virtually every Microsoft Entra (Azure AD) tenant from secure to owned. The...