Several security missteps on Microsoft's part allowed a China-based threat actor to forge authentication tokens and access user email from some 25 Microsoft enterprise customers earlier this year, the ...