A $50,000 Bug Could've Allowed Hackers Access Any Microsoft Account

Microsoft has awarded an independent security researcher $50,000 as part of its bug bounty program for reporting a flaw that could have allowed a malicious actor to hijack users' accounts without their knowledge. Reported by Laxman Muthiyah, the vulnerability aims to brute-force the seven-digit security code that's sent to a user's email address or mobile number to corroborate his (or her)
https://thehackernews.com/2021/03/a-50000-bug-couldve-allowed-hackers.html?utm_source=dlvr.it&utm_medium=blogger