Remembering Dr. Eric Cole, ShinyHunters Exposes Identity-to-SaaS Gap, and Why Community is Our Last Defense Against Deepfakes
Also: The CYBR.SEC.CON call for papers has been extended to June 14. We hope to see you there!
Also: The CYBR.SEC.CON call for papers has been extended to June 14. We hope to see you there!
Salesforce knew its platform was being systematically exploited. Charter's customers are paying the price. The gaps that enabled these intrusions are largely the same. Here's what enterprises and platform providers should have done and still need to do.
A voice phishing call compromised one identity. Millions of records followed. The Charter breach is the latest evidence that the gap between identity security and SaaS governance isn't a gap enterprises can afford to keep ignoring.
The SaaS market has shed $1 trillion in value. Salesforce, Workday, Adobe, and Snowflake are all down at least 40% from 2025 peaks. For CISOs managing risk across a consolidating software stack, the implications for vendor stability, integration continuity, and contract leverage are significant.
For enterprise security teams already struggling with SaaS sprawl and third-party risk management, the Drift breach is a reminder that OAuth tokens—designed to enhance security by eliminating password sharing—are high-value targets.
It’s their necessity for such accessibility that makes secure configuration especially challenging—and when a zero-day vulnerability emerges, the damage can be swift.