A critical bug allowing impersonation of Microsoft corporate email accounts has been discovered by researcher Vsevolod Kokorin, making phishing attempts more convincing. Despite reporting the bug to Microsoft, the company dismissed the findings. Kokorin then publicly shared the bug on X without revealing technical details. The bug, affecting only Outlook accounts, poses a threat to at least 400 million users globally. Microsoft has faced multiple security issues in recent years, including a breach by a Russian-linked group and the theft of federal government emails by China in 2023. Following these incidents, Microsoft president Brad Smith pledged a renewed focus on cybersecurity. The potential impact of Kokorin’s bug remains unclear, but serves as a reminder of the ongoing challenges in securing corporate email systems.