insider-threat
Safeguard articles tagged "insider-threat" — guides, analysis, and best practices for software supply chain and application security.
5 articles
Insider Threats in Open Source Projects: Lessons from XZ Utils
The XZ Utils backdoor was a three-year social engineering operation, not a coding mistake. What the timeline shows about maintainer trust, and what you can actually monitor.
Coinbase TaskUs Insider Breach: When the BPO Becomes the Attack Surface
In May 2025 Coinbase disclosed that contractor support agents at TaskUs had been bribed to leak customer data for months. We unpack the insider-threat supply-chain anatomy and what crypto and fintech defenders must change.
Coinbase Social Engineering and Insider Threat: How Bribed Support Agents Led to a $400M Breach
Attackers bribed overseas Coinbase support agents to steal customer data, then demanded a $20M ransom. Coinbase refused to pay and disclosed everything.
OpenAI Internal Breach: What the 2023 Forum Hack Reveals About AI Company Security
Reports emerged that a hacker accessed OpenAI's internal messaging systems in early 2023, raising questions about AI company security practices and the risks of concentrated AI development.
LAPSUS$ Group: Unconventional Attack Techniques That Embarrassed Big Tech
LAPSUS$ broke into Microsoft, Nvidia, Samsung, and Okta using social engineering and insider recruitment rather than sophisticated malware. Their techniques exposed fundamental security gaps.