The security team said yes: How a $300B investment firm deployed Claude agents across the enterprise →

TRY AEMBIT
TALK TO AN ENGINEER
Blog

Tag: Breaches

Businessperson interacting with CRM data.

When Salesforce Becomes a De Facto Credential Repository: Lessons from the Drift OAuth Breach

This malicious campaign demonstrates how long-lived token theft can become the first step in a much broader breach.
Dan Kaplan
Aug 2025
|
3 min read
Image of back of developer working at three computers.

GitHub Action tjactions/changed-files Supply Chain Breach Exposes NHI Risks in CI/CD

Long-lived credentials and secrets fueled the attack.
Dan Kaplan
Mar 2025
|
4 min read
Image of lock on top of computer hardware

BeyondTrust Breach Exposes API Key Abuse Risks

When a single API key compromise spiraled into a broader attack, it exposed how overlooked non-human identities can become gateways for escalating threats.
Dan Kaplan
Jan 2025
|
3 min read
malicious hacker carrying anonymous mask looking at servers

How to Defend Non-Human Identities from Infostealers

The identity layer’s most insidious threat is now setting its sights on a different group of targets. Here’s how to be ready.
Kevin Sapp
Nov 2024
|
4 min read
Advance-Protection-Against-NHI-Breaches

How to Advance Breach Protection Against Non-Human Identity Threats in Workloads (Slide Show)

Sticky note security now plagues application and service connections, necessitating a shift to more mature workload access safeguards.
Dan Kaplan
Jun 2024
|
2 min read
Load More