Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says:
https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackersTL;DR: MS knew about Golden SAML in 2016 but didn't fix the security issue because money comes first. As the US government went cloud a known major security issue would be bad for business. Then the supply chain attack via SolarWinds happened in 2020 (utilizing Golden SAML).