this post was submitted on 16 May 2026
17 points (94.7% liked)

Pulse of Truth

2395 readers
156 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago
MODERATORS
krogoth@infosec.pub
17
Microsoft rejects critical Azure vulnerability report, no CVE issued (www.bleepingcomputer.com)
submitted 21 hours ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub
2 comments fedilink hide all child comments
 

A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and without issuing a CVE. Microsoft disputes the claim, telling BleepingComputer the behavior was expected and that "no product changes were made," despite the researcher documenting a silent fix. [...]

you are viewing a single comment's thread
view the rest of the comments
[–] SpaceNoodle@lemmy.world 2 points 21 hours ago

While that would hurt end users more than the customers themselves, it might eventually teach those upstream a valuable lesson.