Incident Analysis
Okta Cross-Tenant Impersonation 2024
Okta's cross-tenant impersonation advisory and related social-engineering campaigns exposed how identity providers get targeted. Lessons for defenders.
Mar 26, 20268 min read
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Okta's cross-tenant impersonation advisory and related social-engineering campaigns exposed how identity providers get targeted. Lessons for defenders.
Researchers found thousands of valid Hugging Face API tokens in public code and models. Analysis of the 2024 exposures and what they mean for ML supply chain.
Researchers keep finding valid AWS, GitHub, and cloud credentials baked into public Docker Hub images. What the 2024 data shows and how to stop shipping secrets.
Zoom's security history from 2020 onward reshaped how the industry thinks about conferencing software supply chains, from installers to third-party components.
Mailchimp disclosed three social-engineering-driven intrusions in thirteen months; the timeline illustrates how repeated incidents shape vendor trust.
Slack disclosed a stolen-token incident over the 2022 holidays and a related GitHub repository access event; the operational lessons apply broadly.
In 2023, attackers used stolen GitHub personal access tokens to push malicious commits masquerading as Dependabot; a short-sharp incident with lasting lessons.
Dropbox's 2022 GitHub phishing incident began with a developer-targeted CircleCI lookalike campaign; the supply chain lessons centered on CI tokens and code.
Cisco Duo's 2024 disclosure about a telephony provider breach exposed SMS and voice MFA logs; the supply chain depth of authentication vendors is the story.
Weekly insights on software supply chain security, delivered to your inbox.