In both situations Okta and Cloudflare a generic or system account has been compromised. CloudFlare would have had to upload or provide a session tokens or secret to Okta's support system.
Windows XP on it's own, behind Windows Firewall and a router firewall not doing anything too controversial may be fine. Where the risks become higher is when you have many machines across the network. That one host would lower the overall security of everything else around limiting the ability to disable weak protocols.
Backwards compatibility with Windows/AD has always caused issues with Active Directory becoming such a juicy target in the way system-to-systems interacted.
What makes today's English so great is what has been borrowed and adapted from foreign languages. Everything adapts and grows with the cultures around them.
PassKey is great but also may cause vendor lock-in looking at Google and Apple in particular.
Does anyone have any insights to how enterprises will be managing passkeys for corporate accounts with the potential of creds being leaked to potential compromised devices.