AO Labs
-
EvilToken and Microsoft 365: A Familiar Attack Playbook, Scaled with AI
High-value M365 user orgs targeted by an AI-powered device code phishing campaign. Here’s how the EvilToken attack happened, and what prevention controls…
-
Trivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion wave
“Repeated compromises of the same vendor in a short period suggest a persistent weakness,” said Cory Michal, CSO at AppOmni.
-
Trivy Scanner Compromise Explained and What it Means For Your SaaS and CI/CD Security
The Trivy supply chain compromise gave attackers a way to deliver malicious infostealer code. Learn how it happened and required remediation steps…
-
What is the Salesforce GraphQL Exploit and What You Should Do
Salesforce GraphQL exploit exposed misconfigured guest data in Experience Cloud. Learn how it happened and how to prevent exposure.
-
BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow
This blog deeply analyzes the interplay between Virtual Agent API and Now Assist enabled in this exploit.
-
When AI Turns on Its Team: Exploiting Agent-to-Agent Discovery via Prompt Injection
Aaron Costello uncovers how second-order prompt injection turns AI agents against their own systems. He explains how attackers exploit ServiceNow’s Now Assist…
-
Heisenberg: How We Learned to Stop Worrying and Love the SBOM
Turn SBOMs into supply chain defense with Heisenberg, an open source tool developed by Max Feldman and Yevhen Grinman. It stops risky…
-
Detecting ShinyHunters/UNC6040 Vishing Campaigns in Salesforce OAuth Attacks
Spot UNC6040 vishing attacks, secure OAuth apps, boost SaaS security with AppOmni’s Threat Detection.
-
Post-Incident CRM Forensics: Why Deploying AppOmni Is a Best Practice
OAuth abuse exposes SaaS data. AppOmni’s threat detection and security posture management shut it down.
-
Salesforce Industry Clouds: 0-days and Exploitable Misconfigs
AppOmni’s latest research reveals 20+ OmniStudio security flaws, including 5 CVEs affecting Salesforce industry clouds. Learn how misconfigurations expose sensitive data and…
