Microsoft faces a two-front exposure this week: CVE-2026-35431, a CVSS 10.0 spoofing vulnerability in Entra ID Entitlement Management affecting cloud identity governance, and the UNC6692 campaign that weaponizes Microsoft Teams, Quick Assist, and legitimate Windows utilities to execute a pre-ransomware intrusion chain targeting senior employees. Together these items place Microsoft’s identity plane and helpdesk workflow surface under simultaneous threat, though through distinct attack mechanisms requiring separate defensive responses.