In this type of misconfiguration, cyberattackers could use exposed secrets to authenticate directly via Microsoft’s OAuth 2.0 endpoints and infiltrate Azure cloud environments.