SaaS Security Blog - AppOmni

Salesforce GraphQL exploit explained and how we detect these threats

PRODUCT

Identify, protect, detect, and respond to SaaS threats

The AppOmni Platform

Complete SaaS and AI protection

SaaS & AI Discovery

Uncover shadow SaaS & AI

Configuration Management

Reduce misconfiguration risk

Third-Party Risk

Reduce connected apps risk

Threat Detection

SaaS threat and anomaly detection

Audit-ready without manual work

GenAI assistant

Supported Applications

Protect what matters

MANAGED SERVICES

Expert SaaS security without added headcount

SaaS and AI threat hunting service

Expert strategic security for SaaS and AI

COMPANY

Safeguarding your SaaS

Who we are, learn our mission

Get answers on SaaS & AI security

Learn about career opportunities at AppOmni

AppOmni in the news

Protecting your data

Meet us in person

Featured Resources

Blog

Filter by

AO Labs, Blog

What is the Salesforce GraphQL Exploit and What You Should Do

Salesforce GraphQL exploit exposed misconfigured guest data in Experience Cloud. Learn how it happened and how to prevent exposure.
Blog

ShinyHunters Claims Woflow Breach: What It Means for SaaS Supply Chain Security

Learn the security risks in SaaS supply chains and about ShinyHunters’ evolving extortion tactics behind the alleged Woflow breach.
Blog

AppOmni at RSAC 2026: Details to Know Before You Go

AppOmni shares RSA Conference 2026 insights to improve SaaS and AI security.
Blog

What SaaS Security ROI Looks Like in Practice

Security leaders are under pressure to prove ROI for SaaS security. We outline how buyers can use ROI to evaluate impact.
AO Labs, Blog

BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow

This blog deeply analyzes the interplay between Virtual Agent API and Now Assist enabled in this exploit.
Blog

ServiceNow Agentic AI: What It Means for CISOs, SOC Analysts, SaaS Admins, and Developers

Agentic AI expands ServiceNow risk. Read why securing AI agents matters for CISOs, InfoSec, SOC, admins, and IT leaders.
Blog

Security Advisory: Salesforce Gainsight Incident

Read AppOmni’s recommendations to secure your Salesforce-Gainsight integrations before it negatively impacts your customer data.
Blog

AppOmni Expands AI Security with Agentic AI Security for ServiceNow

See how AppOmni AgentGuard defends ServiceNow AI agents from prompt injection and access risks, building trust and compliance across platforms.
AO Labs, Blog

When AI Turns on Its Team: Exploiting Agent-to-Agent Discovery via Prompt Injection

Aaron Costello uncovers how second-order prompt injection turns AI agents against their own systems. He explains how attackers exploit ServiceNow’s Now Assist…
Blog

How To Handle Increased Account Takeover Risks from Recent Credential Dumps

Billions of stolen credentials from Synthient heighten SaaS and IdP account takeover risks. Learn how AppOmni helps stop credential-based intrusions fast.