Enterprise automation platforms are critical for streamlining workflows, but they can also become targets for attackers. … Critical ServiceNow AI Platform Vulnerability Enables Remote Code ExecutionRead more
SaaS security
OAuth Attacks in Entra ID Can Leverage ChatGPT to Compromise Email
Threat actors are constantly adapting, and one increasingly abused technique inside Microsoft Entra ID is OAuth … OAuth Attacks in Entra ID Can Leverage ChatGPT to Compromise EmailRead more
Critical BeyondTrust RCE Vulnerability Exploited in the Wild
BeyondTrust has issued urgent security updates for a critical remote code execution (RCE) vulnerability affecting its … Critical BeyondTrust RCE Vulnerability Exploited in the WildRead more
287 Chrome Extensions Steal Browsing Data From 37.4M Users
A massive privacy breach has come to light: 287 Chrome extensions have been found exfiltrating browsing … 287 Chrome Extensions Steal Browsing Data From 37.4M UsersRead more
Firebase Phishing Attacks: How Hackers Abuse Trusted Cloud Apps
In 2025, phishing remained the #1 initial access vector in enterprise breaches, and attackers are now … Firebase Phishing Attacks: How Hackers Abuse Trusted Cloud AppsRead more
Vishing Attacks on SaaS Platforms: How ShinyHunters Is Bypassing MFA at Scale
In early 2026, Google-owned Mandiant identified a sharp escalation in vishing attacks on SaaS platforms, where … Vishing Attacks on SaaS Platforms: How ShinyHunters Is Bypassing MFA at ScaleRead more
Microsoft 365 Outlook Add-In Exploit: Exfil Out&Look Explained
For years, security teams have relied on Microsoft 365 Unified Audit Logs as a foundational control … Microsoft 365 Outlook Add-In Exploit: Exfil Out&Look ExplainedRead more
ServiceNow AI Vulnerability Exposes Emerging Risks in Autonomous Agent Security
In late 2025, researchers uncovered a high‑severity ServiceNow AI vulnerability (CVE‑2025‑12420, CVSS 9.3) that exposed organizations … ServiceNow AI Vulnerability Exposes Emerging Risks in Autonomous Agent SecurityRead more