8 matches found
SaaS Breaches Start with Tokens - What Security Teams Must Watch
Token theft is a leading cause of SaaS breaches. Discover why OAuth and API tokens are often overlooked and how security teams can strengthen token hygiene to prevent attacks. Most companies in 2025 rely on a whole range of software-as-a-service SaaS applications to run their operations. However,...
Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know
The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS breaches — safeguarding the integrity of SaaS apps and their sensitive data is critical but is no...
Cloudflare Hacked After State Actor Leverages Okta Breach
By Deeba Ahmed CloudFlare Servers Were Hacked on Thanksgiving Day Using Auth Tokens Stolen in Okta Breach. This is a post from HackRead.com Read the original post: Cloudflare Hacked After State Actor Leverages Okta Breach...
1Password Discloses Security Incident Linked to Okta Breach
By Waqas This incident is a perfect example of the phrase "one thing leading to another. This is a post from HackRead.com Read the original post: 1Password Discloses Security Incident Linked to Okta Breach...
A week in security (January 1 - 8)
Last week on Malwarebytes Labs: Why does technology no longer excite us? Lock and Code S04E01 New device? Here's how to safely dispose of your old one LastPass updates security notice with information about a recent incident Okta breached last month, no customers compromised Update VPN Plus Serve...
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Targeted attacks on Twilio and Cloudflare employees are tied to a massive phishing campaign that resulted in 9,931 accounts at over 130 organizations being compromised. The campaigns are tied to focused abuse of identity and access management firm Okta, which gained the threat actors the 0ktapus...
Lapsus$ Data Kidnappers Claim Snatches From Microsoft, Okta
Both Microsoft and Okta are investigating claims by the new, precocious data extortion group Lapsus$ that the gang has breached their systems. Lapsus$ claimed to have gotten itself “superuser/admin” access to internal systems at authentication firm Okta. It also posted 40GB worth of files to its...
'This Is Really, Really Bad': Lapsus$ Gang Claims Okta Hack
Lapsus$ leaking Microsoft source code would be bad enough. Breaching Okta could be much, much worse...