In a year-end tradition that has become all too familiar for cybersecurity defenders, researchers have uncovered a novel attack vector targeting Microsoft Entra ID.