Chinese state actors held access to Wiley Rein's Microsoft 365 tenant for eleven months before detection. The breach reveals how unenforced security…
Read more →A midsize accounting firm's tenant was locked after OAuth tokens were harvested through fake compliance emails. The April 2026 breach exposed the…
Read more →Between April phishing campaigns and the Vercel OAuth breach, professional services firms face threat actors who exploit the same Microsoft 365 configuration…
Read more →In February 2026, a Roblox cheat download led to production infrastructure compromise at Vercel—exposing how OAuth sprawl and unrestricted app permissions create…
Read more →OAuth app permissions enabled the DocketWise breach affecting 116,000 individuals and a device code phishing campaign compromising 340+ Microsoft 365 orgs in…
Read more →DocketWise exposed 116,666 records in April 2026. Mercor's whistleblower documented systematic gaps between SOC2 audits and actual tenant posture. Both incidents prove…
Read more →Most MCP servers connect to one tool. Ours orchestrates 40+ across Microsoft Graph, SharePoint, Planner, ADO, and WordPress — powering compliance automation…
Read more →A phishing campaign exploiting Microsoft's own OAuth flow has compromised over 340 organizations — including legal and healthcare firms — since February…
Read more →Three incidents from early 2026 — a LexisNexis breach, a Microsoft Copilot DLP bypass, and a surge in OAuth phishing — share…
Read more →While you are busy hunting for Cyber Monday deals and tracking last-minute shipments, cybercriminals are busy, too. The holiday season is historically…
Read more →