Microsoft has announced plans to improve the security of Entra
ID authentication by blocking unauthorized script injection attacks
starting a year from now. The update to its Content Security Policy
(CSP) aims to enhance the Entra ID sign-in experience at
"login.microsoftonline[.]com" by only letting scripts from trusted
Microsoft domains run. "This update strengthens security and adds
an extra
Read more https://thehackernews.com/2025/11/microsoft-to-block-unauthorized-scripts.html
