BeyondTrust has issued urgent security updates for a critical remote code execution (RCE) vulnerability affecting its … Critical BeyondTrust RCE Vulnerability Exploited in the WildRead more
SaaS security
287 Chrome Extensions Steal Browsing Data From 37.4M Users
A massive privacy breach has come to light: 287 Chrome extensions have been found exfiltrating browsing … 287 Chrome Extensions Steal Browsing Data From 37.4M UsersRead more
Firebase Phishing Attacks: How Hackers Abuse Trusted Cloud Apps
In 2025, phishing remained the #1 initial access vector in enterprise breaches, and attackers are now … Firebase Phishing Attacks: How Hackers Abuse Trusted Cloud AppsRead more
Vishing Attacks on SaaS Platforms: How ShinyHunters Is Bypassing MFA at Scale
In early 2026, Google-owned Mandiant identified a sharp escalation in vishing attacks on SaaS platforms, where … Vishing Attacks on SaaS Platforms: How ShinyHunters Is Bypassing MFA at ScaleRead more
Microsoft 365 Outlook Add-In Exploit: Exfil Out&Look Explained
For years, security teams have relied on Microsoft 365 Unified Audit Logs as a foundational control … Microsoft 365 Outlook Add-In Exploit: Exfil Out&Look ExplainedRead more
ServiceNow AI Vulnerability Exposes Emerging Risks in Autonomous Agent Security
In late 2025, researchers uncovered a high‑severity ServiceNow AI vulnerability (CVE‑2025‑12420, CVSS 9.3) that exposed organizations … ServiceNow AI Vulnerability Exposes Emerging Risks in Autonomous Agent SecurityRead more