Tag

identity security

6 articles on identity security.

← All blog posts
SSO Vishing And SaaS Data Theft: Domain Monitoring Before The Helpdesk Call
AI & MLJul 13, 2026

SSO Vishing And SaaS Data Theft: Domain Monitoring Before The Helpdesk Call

ShinyHunters-style SSO vishing shows how fake login domains, MFA enrollment abuse, and SaaS access can become data theft. Domain monitoring gives defenders early warning.

3 min read
AI-Enabled Device Code Phishing: How OAuth Tokens Became the New Credential Theft Target
PhishingMay 10, 2026

AI-Enabled Device Code Phishing: How OAuth Tokens Became the New Credential Theft Target

Device code phishing turns a legitimate OAuth flow into a token theft path. Learn how AI-assisted lures, Entra ID abuse, and session token replay change phishing detection in 2026.

10 min read
LLMjacking Explained: How Attackers Abuse Cloud Credentials to Steal AI Compute
CloudMay 8, 2026

LLMjacking Explained: How Attackers Abuse Cloud Credentials to Steal AI Compute

LLMjacking combines cloud credential theft with expensive AI workloads. Learn how attackers find exposed keys, abuse model APIs, hide compute costs, and how defenders can detect the pattern.

10 min read
Non-Human Identity Security: API Keys, Service Accounts, and Workload Credentials in 2026
IdentityMay 7, 2026

Non-Human Identity Security: API Keys, Service Accounts, and Workload Credentials in 2026

Non-human identities now outnumber users in most environments. Learn how API keys, service accounts, CI tokens, and workload credentials become attack paths and how to govern them.

10 min read
OAuth Consent Phishing: Detecting Malicious App Grants Before Data Exfiltration
PhishingMay 6, 2026

OAuth Consent Phishing: Detecting Malicious App Grants Before Data Exfiltration

OAuth consent phishing tricks users into granting access instead of giving up passwords. Learn how malicious app grants work, which permissions matter, and how to detect abuse early.

10 min read
Session Token Theft: Why Infostealers Bypass MFA and How Defenders Respond
MalwareMay 5, 2026

Session Token Theft: Why Infostealers Bypass MFA and How Defenders Respond

Infostealers increasingly target browser cookies, session tokens, and refresh tokens. Learn why MFA is not enough, what token theft looks like, and how to detect replay.

9 min read