[{"data":1,"prerenderedAt":2584},["ShallowReactive",2],{"application-flags":3,"navbar":7,"always-visible-banner":36,"navbar-about-highlight":108,"navbar-resource-highlight":182,"news-index":226,"press-pages":320,"news-items":1063},[4],{"name":5,"enabled":6},"maintenanceMode",false,[8],{"createdDate":9,"id":10,"name":11,"modelId":12,"published":13,"query":14,"data":15,"variations":20,"lastUpdated":21,"firstPublished":22,"testRatio":23,"createdBy":24,"lastUpdatedBy":25,"folders":26,"meta":27,"rev":35},1742208588866,"1c7a4e423bf54ac1a328bb4063459ef2","Banner","1c6207a5f24948ab82d4a0b17f251193","published",[],{"type":16,"url":17,"text":18,"link":19},"web-banner","https://pushsecurity.com/resources/browser-attacks-report","Get our latest report analyzing browser attack techniques in 2026",{},{},1774258294825,1742208637545,1,"CydmZnOWU1XuAaLhEDCoYNM4Z8W2","jKjF9r5jcvXU8tzZEfFQm31Iyvr2",[],{"kind":28,"lastPreviewUrl":29,"breakpoints":30,"hasAutosaves":34},"data","",{"xsmall":31,"small":32,"medium":33},320,640,768,true,"ga0kpxjhh76",{"createdDate":37,"id":38,"name":39,"modelId":40,"published":13,"stageModifiedSincePublish":6,"query":41,"data":42,"variations":97,"lastUpdated":98,"firstPublished":99,"testRatio":23,"createdBy":100,"lastUpdatedBy":101,"folders":102,"meta":103,"rev":107},1774965361051,"fd266d0172cc47429be7ad10f48c99ad","always visible banner","0678d178ec8b41efb8a23c09dba7874d",[],{"ctaText":43,"text":44,"url":29,"blocks":45,"state":93},"ewrererw","testrfesssssssssss",[46,73,81],{"@type":47,"@version":48,"id":49,"component":50,"responsiveStyles":63},"@builder.io/sdk:Element",2,"builder-ca12c06a52de41d7b8743da53118cd38",{"name":51,"tag":51,"options":52,"isRSC":62},"TopBannerContent",{"text":53,"ctaText":54,"url":55,"mainText":56,"cta":59},"New Webinar Series: Join John Hammond, Troy Hunt, and Matt Johansen for the State of Browser Attacks","Save Your Spot","https://pushsecurity.com/webinar/state-of-browser-security",{"content":57,"fontSize":58},"\u003Cp>Meet Push's browser security experts at BlackHat 2026.\u003C/p>","text-base",{"content":60,"fontSize":58,"url":61},"\u003Cp>Book a meeting →\u003C/p>","https://pushsecurity.com/events/blackhat-2026-meeting",null,{"large":64},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"marginTop":70,"marginBottom":70,"fontSize":71,"fontWeight":72},"flex","column","relative","0","border-box",".56rem","1.125rem","700",{"@type":47,"@version":48,"id":74,"component":75,"responsiveStyles":79},"builder-a2e1f4b9f30b464bb814d7f5de5b0aa7",{"name":76,"options":77,"isRSC":62},"Custom Code",{"code":78,"scriptsClientOnly":6},"\u003Cstyle>\n  .top-banner.bg-web-orange{background:rgb(114, 79, 255);}\n\u003C/style>\n",{"large":80},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69},{"id":82,"@type":47,"tagName":83,"properties":84,"responsiveStyles":88},"builder-pixel-o503s4fpvk","img",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},"https://cdn.builder.io/api/v1/pixel?apiKey=f3a1111ff5be48cdbb123cd9f5795a05","true","presentation",{"large":89},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},"block","hidden","none",{"deviceSize":94,"location":95},"large",{"path":29,"query":96},{},{},1783541846936,1774968080803,"ST0tXQM8slWpFrmioqKHmENB2qe2","kYgMv6WsbvfmlOUYqR2SFwGzw6e2",[],{"kind":104,"lastPreviewUrl":105,"hasLinks":6,"breakpoints":106,"hasErrors":6,"hasAutosaves":6},"component","https://pushsecurity.com/?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=always-visible-banner&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.always-visible-banner=fd266d0172cc47429be7ad10f48c99ad&builder.overrides.fd266d0172cc47429be7ad10f48c99ad=fd266d0172cc47429be7ad10f48c99ad&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},"kyujw1aptq",[109,145],{"createdDate":110,"id":111,"name":112,"modelId":113,"published":13,"stageModifiedSincePublish":6,"query":114,"data":115,"variations":138,"lastUpdated":139,"firstPublished":140,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":141,"meta":142,"rev":144},1776247359804,"9136a8f18b3b4a6ba29b8653a99372b1","testimonial-inductive-automation","20d9eaa352304613b3d1a794b400703d",[],{"link":116,"type":117,"testimonialLink":118,"testimonial":119},{},"testimonial","/customer-stories/inductive-automation",{"@type":120,"id":121,"model":117,"value":122},"@builder.io/core:Reference","f028f2b685bb47cd8bf9e82a26dd5a79",{"query":123,"folders":124,"createdDate":125,"id":121,"name":126,"modelId":127,"published":13,"data":128,"variations":132,"lastUpdated":133,"firstPublished":134,"testRatio":23,"createdBy":100,"lastUpdatedBy":100,"meta":135,"rev":137},[],[],1735823466309,"We found Push to be more accurate when compared to competitors and the browser agent offered features that others couldn’t match.","42035571a56940ac98bff4544aa79aa5",{"author":129,"jobTitle":130,"quote":126,"image":131},"Jason Waits","\u003Cp>CISO at Inductive Automation\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ff04c0c0689ce4a89ac0f0708d78c0a07",{},1735910703862,1735823501152,{"kind":28,"lastPreviewUrl":29,"breakpoints":136,"hasAutosaves":34},{"small":32,"medium":33},"e8bsg4qrgtu",{},1776247404986,1776247404973,[],{"breakpoints":143,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},"g9lqcuxphw7",{"createdDate":146,"id":147,"name":148,"modelId":113,"published":13,"meta":149,"stageModifiedSincePublish":6,"query":151,"data":152,"variations":178,"lastUpdated":179,"firstPublished":180,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":181,"rev":144},1776255761419,"05a9322735fc427db12e2740e4302300","Report: 2026 Browser Attack Techniques",{"breakpoints":150,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},[],{"testimonial":153,"link":172,"type":175,"title":148,"description":176,"image":177},{"@type":120,"id":154,"model":117,"value":155},"192acbb1f9ca4cac918c0ec435a8bae3",{"query":156,"folders":157,"createdDate":158,"id":154,"name":159,"modelId":127,"published":13,"data":160,"variations":166,"lastUpdated":167,"firstPublished":168,"testRatio":23,"createdBy":100,"lastUpdatedBy":24,"meta":169,"rev":171},[],[],1728981467463,"Push does for identity what CrowdStrike did for the endpoint",{"video":161,"jobTitle":162,"author":163,"qoute":29,"quote":164,"image":165},"https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8b30e8ca50064058bbaef0f3c6164575%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=8b30e8ca50064058bbaef0f3c6164575&alt=media&optimized=true","\u003Cp>Deputy CISO at Microsoft\u003C/p>\u003Cp>Former LinkedIn, Slack, Palantir\u003C/p>","Geoff Belknap","Push does for identity what CrowdStrike did for the endpoint.","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F748f0ad0a5064a00a13f4721fcc8dea1",{},1742902158597,1728981782923,{"kind":28,"lastPreviewUrl":29,"breakpoints":170,"hasAutosaves":34},{"small":32,"medium":33},"ulhc0im1hfo",{"text":173,"url":174},"Download now","/resources/browser-attacks-report","resource","Learn about the latest techniques being used in the wild.","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7b4a5ebf81d64e8c9d7fc35f6c96c4a9",{},1776255810913,1776255810900,[],[183,205],{"createdDate":184,"id":185,"name":148,"modelId":186,"published":13,"meta":187,"stageModifiedSincePublish":6,"query":189,"data":190,"variations":200,"lastUpdated":201,"firstPublished":202,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":203,"rev":204},1776256900280,"1f429607996e4e5fae8fe3f9b9610e55","4829faa81e7c4ee8bd2d000e160e8d3c",{"breakpoints":188,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},[],{"testimonial":191,"link":199,"type":175,"title":148,"description":176,"image":177},{"@type":120,"id":154,"model":117,"value":192},{"query":193,"folders":194,"createdDate":158,"id":154,"name":159,"modelId":127,"published":13,"data":195,"variations":196,"lastUpdated":167,"firstPublished":168,"testRatio":23,"createdBy":100,"lastUpdatedBy":24,"meta":197,"rev":171},[],[],{"video":161,"jobTitle":162,"author":163,"qoute":29,"quote":164,"image":165},{},{"kind":28,"lastPreviewUrl":29,"breakpoints":198,"hasAutosaves":34},{"small":32,"medium":33},{"text":173,"url":174},{},1776256937553,1776256937540,[],"xggsv10v1q9",{"createdDate":206,"id":207,"name":208,"modelId":186,"published":13,"stageModifiedSincePublish":6,"query":209,"data":210,"variations":220,"lastUpdated":221,"firstPublished":222,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":223,"meta":224,"rev":204},1776256949234,"ce043785b71b4ece98eac811ecf4ba10","inductive-automation",[],{"link":211,"type":117,"testimonial":212,"testimonialLink":118},{},{"@type":120,"id":121,"model":117,"value":213},{"query":214,"folders":215,"createdDate":125,"id":121,"name":126,"modelId":127,"published":13,"data":216,"variations":217,"lastUpdated":133,"firstPublished":134,"testRatio":23,"createdBy":100,"lastUpdatedBy":100,"meta":218,"rev":137},[],[],{"author":129,"jobTitle":130,"quote":126,"image":131},{},{"kind":28,"lastPreviewUrl":29,"breakpoints":219,"hasAutosaves":34},{"small":32,"medium":33},{},1776256974140,1776256974130,[],{"breakpoints":225,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":227,"id":228,"name":229,"modelId":230,"published":13,"stageModifiedSincePublish":6,"query":231,"data":237,"variations":311,"lastUpdated":312,"firstPublished":313,"testRatio":23,"screenshot":314,"createdBy":100,"lastUpdatedBy":293,"folders":315,"meta":316,"rev":319},1745323767748,"9b9c30a396874136b690b67e018af9ce","News base page","606610f7fb9e4e6599108b224bd1f6e6",[232],{"@type":233,"property":234,"operator":235,"value":236},"@builder.io/core:Query","urlPath","is","/news",{"seoTitle":238,"themeId":6,"title":229,"inputs":239,"seoDescription":240,"blocks":241,"url":236,"state":308},"Push Security News",[],"Find all our latest news stories",[242,303],{"@type":47,"@version":48,"id":243,"component":244,"responsiveStyles":301},"builder-4d532a941b2c4c97a291fa440110ec51",{"name":245,"tag":245,"options":246,"isRSC":62},"NewsHero",{"newsHero":247,"buttonText":250},{"prefix":248,"type":249,"buttonText":250,"item":251},"Latest news","press release","Read more",{"@type":120,"id":252,"model":253,"value":254},"34836edeeec4405db30d58fc059b54e7","press-pages",{"createdDate":255,"id":252,"name":256,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":258,"data":261,"variations":288,"lastUpdated":289,"firstPublished":290,"testRatio":23,"screenshot":291,"createdBy":292,"lastUpdatedBy":293,"folders":294,"meta":295,"rev":300},1778530034765,"PR20260512 Push Security Launches AI-Native Agentic Threat Hunting for the Browser","f4b8a13df871497bb5e61c4707cfc5e5",[259],{"@type":233,"property":234,"operator":235,"value":260},"/news/push-launches-ai-native-agentic-threat-hunting-for-the-browser",{"seoTitle":262,"seoDescription":263,"title":262,"ogImage":264,"themeId":6,"image":264,"date":265,"inputs":266,"blocks":267,"url":260,"state":285},"Push Security Launches AI-Native Agentic Threat Hunting for the Browser, Redefining Detection & Response in the Secure Enterprise Browser Market","New capabilities combine deep threat research, rich browser telemetry, and AI agents to deliver the most powerful detection capabilities in the industry ","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb48d2f175ee84d8d9cf50c519fdf25d3","Tue May 12 2026 00:00:00 GMT-0700 (Pacific Daylight Time)",[],[268,280],{"@type":47,"@version":48,"id":269,"meta":270,"component":272,"responsiveStyles":276},"builder-cbefa7cce11a431b91770c679f15fbd3",{"previousId":271},"builder-6427a29f3d3d46189e337e47406433ca",{"name":273,"options":274,"isRSC":62},"Text",{"text":275},"\u003Cp>\u003Cem>New capabilities combine deep threat research, rich browser telemetry, and AI agents to deliver the most powerful detection capabilities in the industry&nbsp;\u003C/em>\u003C/p>\u003Cp>\u003Cstrong>BOSTON — (May 12, 2026) —\u003C/strong>&nbsp;Push Security, the most powerful AI-native security tool in the browser, today announced a major evolution of its platform, introducing an AI-native, agentic approach to threat hunting and detection engineering within its Secure Enterprise Browser extension. This new capability positions Push at the forefront of the emerging Secure Enterprise Browser (SEB) category, delivering faster, more accurate detection of modern browser-based attacks.\u003C/p>\u003Cp>As attackers increasingly leverage AI to automate and mutate campaigns, traditional detection methods based on indicators of compromise (IOCs), such as domains, URLs, and IP addresses, are rapidly losing effectiveness. Push’s agentic approach instead focuses on identifying attacker techniques, tactics, and procedures (TTPs), which are significantly harder to evade.\u003C/p>\u003Cp>“AI is only as good as the context it has,” said Jacques Louw, chief research officer of Push Security. “We have spent years watching browser attacks evolve, hunting for new techniques before they're seen in the wild, and have built a platform that can scale that expertise across millions of browsers and billions of events per day. We are not just processing more data, we are isolating signals that really matter and finding new kits and techniques before they impact our customers.”\u003C/p>\u003Cp>\u003Cstrong>From AI hype to operational reality\u003C/strong>\u003C/p>\u003Cp>While many vendors emphasize proprietary AI models, Push has taken a fundamentally different approach, built on infrastructure that operationalizes AI through:\u003C/p>\u003Cul>\u003Cli>A widely deployed browser extension that delivers high-fidelity telemetry across millions of browsers, providing the rich context that powers detection.\u003C/li>\u003Cli>A detection pipeline where AI agents, powered by frontier models, are given the right context to analyze suspicious activity, identify new TTPs, and turn them into production-ready detections.\u003C/li>\u003Cli>A continuously evolving internal knowledge base of attacker TTPs and detection logic that is enabling agent-driven hunting exercises.\u003C/li>\u003C/ul>\u003Cp>Push leverages commercial AI models as interchangeable infrastructure. The differentiation isn’t in the model itself, but in how it is applied and the depth of context it is given by Push.&nbsp;\u003C/p>\u003Cp>\u003Cstrong>Detection at machine speed with analyst-level fidelity\u003C/strong>\u003C/p>\u003Cp>Push’s agentic system operates through two continuous loops:\u003C/p>\u003Cul>\u003Cli>\u003Cstrong>Inner loop:\u003C/strong> Real-time detection and response for known attacker techniques, delivered through prebuilt, configurable controls that block established TTPs, accounting for 98% of detections.\u003C/li>\u003Cli>\u003Cstrong>Outer loop:\u003C/strong> A continuous learning system where agents hunt for new threats in browser telemetry, analyze emerging behaviors, and create new detections, capturing the remaining 2% of completely new TTPs – constantly improving the inner loop.\u003C/li>\u003C/ul>\u003Cp>Using this approach, Push can deliver real-time blocking protection against new (often AI-generated) tools and attacker infrastructure that uses existing attack techniques, and also discover and deploy detections for emerging techniques (two recent examples include ConsentFix, InstallFix) in minutes rather than days.\u003C/p>\u003Cp>Already this year, Push has tripled the cumulative number of detections for new TTPs in emerging browser-based attacks like device code phishing, AitM phishing, and ClickFix variants, demonstrating the speed and scale of its system.\u003C/p>\u003Cp>\u003Cstrong>Fast evolving enterprise security priorities\u003C/strong>\u003C/p>\u003Cp>The need for this approach is reflected in how enterprise security priorities are rapidly shifting. According to \u003Ca href=\"https://research.esg-global.com/reportaction/515202191/Marketing\" rel=\"noopener noreferrer\" target=\"_blank\">new research from Omdia\u003C/a>, there is overwhelming concern around emerging threats that use AI for scale and sophistication and target the browser. More importantly, these issues are leading to real-world impacts, with more than half of organizations (55%) reporting a successful or suspected browser-based attack in the last 12 months. As a result, organizations are putting focus and budget behind browser security, with 88% indicating it is among their top five security priorities.\u003C/p>\u003Cp>\"Enterprise security teams are quickly coming to understand the critical gaps that exist in their defenses when it comes to browser-based threats,” said John Grady, principal analyst, cybersecurity at Omdia. “Attackers know many organizations are unprepared and target their campaigns accordingly. To close this gap, security teams need AI-driven threat detection that actually works and can defend against today’s advanced browser-based attacks.\"\u003C/p>\u003Cp>\u003Cstrong>Built for signal, not noise\u003C/strong>\u003C/p>\u003Cp>Push’s philosophy is grounded in a simple principle: detecting meaningful attacker behavior matters more than chasing ephemeral indicators linked to a single campaign. By focusing on TTPs at the top of the “Pyramid of Pain,” Push avoids the noise and redundancy of IOC-based approaches that still define the industry standard.\u003C/p>\u003Cp>“While customers can add custom detections that include IOCs like domain names or URL patterns, the core platform does not have any concept of ‘known-bad domains,’ we take the Pyramid of Pain seriously,” said Louw. “Attackers can rotate indicators endlessly, even more so with AI, but they can’t easily change how their attacks fundamentally work. That’s where we focus detection.”\u003C/p>\u003Cp>\u003Cstrong>Privacy by design\u003C/strong>\u003C/p>\u003Cp>Push’s architecture is designed to protect user privacy while enabling high-quality detection. The platform collects broad browser metadata locally in the browser, avoiding dragnet collection of sensitive data, and only queries relevant metadata signals during active threat hunting investigations.&nbsp;\u003C/p>\u003Cp>By focusing on collecting the correct contextual browser metadata, and distilling offensive understanding, Push avoids having to train custom models on customer data.&nbsp;\u003C/p>\u003Cp>\u003Cstrong>Threat hunting expertise, delivered as a product\u003C/strong>\u003C/p>\u003Cp>Push’s agentic system automates the work traditionally performed by expert threat hunters. Agents continuously ingest new research, generate and test hypotheses, reduce false positives, and expand detection coverage, delivering enterprise-grade threat hunting as a single, easy-to-deploy solution.\u003C/p>\u003Cp>This enables organizations of all sizes, from startups to global enterprises, to access advanced browser threat protection without requiring specialized in-house expertise.\u003C/p>\u003Cp>\u003Cstrong>Setting a new standard for browser security\u003C/strong>\u003C/p>\u003Cp>With this launch, Push is defining a new category standard for AI-driven browser security, one that prioritizes real detection outcomes over abstract AI claims.\u003C/p>\u003Cp>“When we started Push, identity attacks in the browser were the primary source of attacks, and they still are,” said Adam Bateman, CEO of Push Security. “What’s changed is that AI has given attackers the ability to operate at a speed and scale that traditional security tools cannot match. That’s exactly why we have built an AI-native platform from the ground up.”\u003C/p>\u003Cp>As the browser becomes the central interface for work and a primary attack surface, Push’s agentic approach ensures security teams can keep pace with increasingly sophisticated AI-enabled threats.\u003C/p>\u003Cp>“Browser security doesn’t need more dashboards or marketing around undefined AI risks; it needs systems that can keep up with how AI is actually used in attacks in the real world,” said Louw. “This is about setting a new baseline: security that continuously learns, adapts, and ships real detections at the pace of the threat, not one that lags days or weeks behind it.”\u003C/p>\u003Cp>\u003Cstrong>Availability\u003C/strong>\u003C/p>\u003Cp>New AI-native agentic threat hunting capabilities are available now to Push customers. For more information, check out today’s\u003Ca href=\"https://pushsecurity.com/blog/can-ai-replace-a-threat-researcher-what-we-learned-building-an-agentic-threat-hunting-pipeline\" rel=\"noopener noreferrer\" target=\"_blank\"> Push blog post\u003C/a>.\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss — all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":277},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},"normal","auto",{"id":281,"@type":47,"tagName":83,"properties":282,"responsiveStyles":283},"builder-pixel-g3p8fodukxl",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":284},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":286},{"path":29,"query":287},{},{},1778701678951,1778587825241,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F04eb1ac15d674d7ab2a627d4755cf3da","rGmJFEtPqFbC0o3fwsbG5B9aNv03","ax7YYfD0OCeqT1Vxxv1G4FUbqVr1",[],{"breakpoints":296,"winningTest":62,"hasLinks":6,"kind":297,"lastPreviewUrl":298,"originalContentId":299,"hasErrors":6,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},"page","https://pushsecurity.com/news/push-launches-ai-native-agentic-threat-hunting-for-the-browser?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests%2CmergePullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=34836edeeec4405db30d58fc059b54e7&builder.overrides.34836edeeec4405db30d58fc059b54e7=34836edeeec4405db30d58fc059b54e7&builder.overrides.press-pages:/news/push-launches-ai-native-agentic-threat-hunting-for-the-browser=34836edeeec4405db30d58fc059b54e7&builder.options.locale=Default","33f99f60cb084b399cd665ea33353de5","6jdwx167wbh",{"large":302},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69},{"id":304,"@type":47,"tagName":83,"properties":305,"responsiveStyles":306},"builder-pixel-ysm2nehowd",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":307},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":309},{"path":29,"query":310},{},{},1779477746362,1745323833486,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F500cf088acd44b1f985077d324240ef6",[],{"lastPreviewUrl":317,"hasLinks":6,"breakpoints":318,"kind":297,"hasErrors":6,"hasAutosaves":6},"https://pushsecurity.com/news?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests%2CmergePullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=news-index&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.news-index=9b9c30a396874136b690b67e018af9ce&builder.overrides.9b9c30a396874136b690b67e018af9ce=9b9c30a396874136b690b67e018af9ce&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},"b16u7u1oyus",[321,363,403,441,478,502,540,578,612,648,683,720,755,800,845,891,934,980,1022],{"createdDate":322,"id":323,"name":324,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":325,"data":328,"variations":353,"lastUpdated":354,"firstPublished":355,"testRatio":23,"screenshot":356,"createdBy":292,"lastUpdatedBy":25,"folders":357,"meta":358,"rev":362},1783001169066,"cf2f70a5fce94ac6862a00a1dc314f72","PR20260702-Push-wins-pinnacle-award",[326],{"@type":233,"property":234,"operator":235,"value":327},"/news/push-security-wins-pinnacle-award-best-ai-threat-detection",{"image":329,"ogImage":329,"date":330,"seoTitle":331,"title":332,"themeId":6,"inputs":333,"seoDescription":334,"blocks":335,"url":327,"state":350},"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fa6389338b7d5442794020dd0d0cbd4dd","Thu Jul 02 2026 08:00:00 GMT+0100 (British Summer Time)","Push Security Push Security Wins Pinnacle Award for Best AI-Powered Threat Detection","Push Security Wins Pinnacle Award for Best AI-Powered Threat Detection",[],"Recognition proves the value of Push's agentic threat detection model, scaling to meet the increase in AI-powered attacks",[336,345],{"@type":47,"@version":48,"id":337,"meta":338,"component":340,"responsiveStyles":343},"builder-344a758bdd394933a1dfee1fa426d7c7",{"previousId":339},"builder-ff1dc560e60740fb9defce7855ae2cfc",{"name":273,"options":341,"isRSC":62},{"text":342},"\u003Cp>\u003Cem>Recognition highlights Push's agentic threat hunting pipeline and browser-native AI security platform.\u003C/em>\u003C/p>\u003Cp>Push Security, the most powerful AI-native security tool in the browser, today announced it has been named a winner in the \u003Ca href=\"https://www.pinnacle-award.com/winners-technology-2026\" rel=\"noopener noreferrer\" target=\"_blank\">2026 Pinnacle Award for Technology\u003C/a>, being selected as a Diamond honoree in the Best AI-Powered Threat Detection category. The award recognizes Push’s development of an end-to-end agentic threat hunting and detection engineering pipeline, a system that uses AI agents as a force multiplier for Push’s human threat research team, tripling the number of new detections shipped to customers in the first half of this year.\u003C/p>\u003Cp>“Adversaries don’t iterate according to a quarterly roadmap, they evolve continuously, shipping new attack techniques faster than any human team can manually respond to them,” said Adam Bateman, CEO of Push Security. “We built our agentic pipeline to match that pace, and winning this award is a signal that the industry recognizes what’s at stake when detection speed is measured in minutes.”\u003C/p>\u003Cp>\u003Cstrong>Putting AI to work against AI-enabled attacks\u003C/strong>\u003C/p>\u003Cp>Push’s agentic threat hunting pipeline combines human threat researchers with AI agents to identify novel browser-based attack techniques at a scale no human team alone could match.&nbsp;\u003C/p>\u003Cp>\u003Ca href=\"https://pushsecurity.com/blog/can-ai-replace-a-threat-researcher-what-we-learned-building-an-agentic-threat-hunting-pipeline\" rel=\"noopener noreferrer\" target=\"_blank\">In a recent demonstration\u003C/a> of the system's capability, Push researchers and AI agents analyzed trillions of browser events to uncover an in-the-wild InstallFix attack, a sophisticated phishing campaign using a Cloudflare Pages-hosted kit with a WebAssembly C2 connector, designed to trick users into installing malware via a convincing fake AI platform page. The detection was engineered and deployed to all Push customers within minutes of discovery.\u003C/p>\u003Cp>The same foundational capability that detects attacks also governs how employees use AI tools. Push’s browser-native platform provides real-time visibility and control over AI application usage, seeing what users paste into AI prompts, what data moves to unapproved tools, and which AI apps are operating without security oversight, all enforced at the session layer where the data actually flows.\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss,&nbsp; all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>\u003Cp>\u003Cstrong>About the Pinnacle Awards\u003C/strong>\u003C/p>\u003Cp>The Pinnacle Awards recognize excellence and innovation across the technology, marketing, and communications industries, spotlighting the organizations and individuals setting new standards for impact and achievement. For more information, visit \u003Ca href=\"https://www.pinnacle-award.com/\" rel=\"noopener noreferrer\" target=\"_blank\">www.pinnacle-award.com\u003C/a>.\u003C/p>\u003Cp>\u003Cstrong>Media Contact:\u003C/strong>\u003C/p>\u003Cp>Kelly Davenport\u003C/p>\u003Cp>Senior Product Marking Manager\u003C/p>\u003Cp>kelly.davenport@pushsecurity.com\u003C/p>",{"large":344},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":346,"@type":47,"tagName":83,"properties":347,"responsiveStyles":348},"builder-pixel-j8urmzzpno",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":349},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":351},{"path":29,"query":352},{},{},1783001454490,1783001454464,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F605a65da65ec4cec9bbee129d54b41b0",[],{"kind":297,"hasLinks":6,"winningTest":62,"hasErrors":6,"originalContentId":359,"breakpoints":360,"lastPreviewUrl":361,"hasAutosaves":6},"5e427d1630dc42d3b721ecbffd1ca2d7",{"xsmall":31,"small":32,"medium":33},"https://pushsecurity.com/news/push-security-wins-pinnacle-award-best-ai-threat-detection?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=cf2f70a5fce94ac6862a00a1dc314f72&builder.overrides.cf2f70a5fce94ac6862a00a1dc314f72=cf2f70a5fce94ac6862a00a1dc314f72&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default","ww0nruosfs",{"createdDate":364,"id":359,"name":365,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":366,"data":369,"variations":394,"lastUpdated":395,"firstPublished":396,"testRatio":23,"screenshot":397,"createdBy":292,"lastUpdatedBy":25,"folders":398,"meta":399,"rev":362},1781277598130,"PR20260612-Push-Named-Best-Enterprise-Browser-THN",[367],{"@type":233,"property":234,"operator":235,"value":368},"/news/push-named-best-secure-enterprise-browser-seb",{"themeId":6,"title":370,"seoTitle":371,"date":372,"ogImage":373,"image":374,"seoDescription":375,"inputs":376,"blocks":377,"url":368,"state":391},"Push Security Named Best Secure Enterprise Browser in The Hacker News Cybersecurity Stars Awards","Push Security Named Best Secure Enterprise Browser by The Hacker News ","Fri Jun 12 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fafa37d63972243219857c6cbb4b28ab7","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F5b1ca78c5ed441cd84c37c33c1db416e","Recognition proves enterprise browser security doesn’t require a new browser; Push wins by working with what’s already there",[],[378,386],{"@type":47,"@version":48,"id":339,"meta":379,"component":381,"responsiveStyles":384},{"previousId":380},"builder-8a28990693844705a398aa16b21a9a59",{"name":273,"options":382,"isRSC":62},{"text":383},"\u003Cp>\u003Cem>Recognition proves enterprise browser security doesn’t require a new browser; Push wins by working with what’s already there\u003C/em>\u003C/p>\u003Cp>\u003Cstrong>BOSTON — June 12, 2026 — \u003C/strong>Push Security, the most powerful AI-native security tool in the browser, today announced it has been named \u003Ca href=\"https://awards.thehackernews.com/winners/2026/push-security-browser-extension/\" rel=\"noopener noreferrer\" target=\"_blank\">Best Secure Enterprise Browser\u003C/a> in The Hacker News’ inaugural Cybersecurity Stars Awards. The recognition underscores Push Security's differentiated approach to enterprise browser security. Rather than requiring organizations to replace the browsers their employees already use, Push deploys as a lightweight extension that transforms any browser into a high-fidelity telemetry source and real-time control point.\u003C/p>\u003Cp>“The enterprise browser market has been dominated by vendors asking security teams to upend their entire browser infrastructure,” said Adam Bateman, CEO of Push Security. “Instead, we ensure every browser your team currently relies on is fully secured. Winning this award confirms the industry’s support for our approach.”\u003C/p>\u003Cp>Enterprise browser security has historically forced a difficult choice: Accept the limited visibility of conventional browsers, or mandate a wholesale migration to a proprietary browser that employees resist and IT teams struggle to deploy. Push Security rejects that trade-off entirely.\u003C/p>\u003Cp>By deploying as an extension via MDM, browser policy, or direct install, Push works across popular browsers — including Chrome, Edge, Firefox, Safari, and more — as well as emerging agentic browsers, like Comet, Atlas, and Dia. This means that hundreds of thousands of users can be protected in minutes with zero downtime, compared to months-long browser migration projects that often stall entirely.\u003C/p>\u003Cp>\u003Cstrong>Visibility that no other tool can match\u003C/strong>\u003C/p>\u003Cp>Push operates directly inside the browser, capturing the signal that other security layers miss. This includes user input, rendered DOM, scripts, and pre-TLS client-side requests, telemetry that network tools, SWG proxies, and CASB solutions are architecturally blind to.&nbsp;\u003C/p>\u003Cp>The result is the highest-fidelity visibility available at the browser layer, covering:\u003C/p>\u003Cul>\u003Cli>Session events, file uploads and downloads, clipboard activity, credential submissions, and unsanctioned AI app usage\u003C/li>\u003Cli>AiTM phishing kits including Evilginx, Sneaky2FA, and Tycoon2FA\u003C/li>\u003Cli>Clipboard-injection campaigns such as ClickFix and ConsentFix\u003C/li>\u003Cli>Session hijacking via stolen tokens&nbsp;\u003C/li>\u003Cli>Malicious and unapproved extensions&nbsp;\u003C/li>\u003Cli>OAuth consent abuse\u003C/li>\u003Cli>Credential reuse from infostealer activity&nbsp;\u003C/li>\u003C/ul>\u003Cp>When a threat is identified, Push acts immediately, blocking phishing attempts, preventing credential submission on unauthorized sites, and preventing malicious script downloads in real time, and all within the browser session, without waiting for a policy update or analyst intervention. This approach effectively shifts detection much earlier in the kill chain, preventing account and endpoint compromise before it can happen.\u003C/p>\u003Cp>\u003Cstrong>One platform, four use cases\u003C/strong>\u003C/p>\u003Cp>Push consolidates what previously required multiple point solutions into a single browser extension, covering four distinct enterprise security use cases:\u003C/p>\u003Cul>\u003Cli>\u003Cstrong>Identity and shadow IT hardening:\u003C/strong> Enforcing credential hygiene and gaining visibility into unsanctioned SaaS usage\u003C/li>\u003Cli>\u003Cstrong>AI visibility and control:\u003C/strong> Monitoring and governing employee use of AI tools and data inputs, including visibility and control over file uploads and downloads and clipboard activity, as well as unsanctioned AI app usage\u003C/li>\u003Cli>\u003Cstrong>Detection and response:\u003C/strong> Real-time detection and response against the modern attacker TTPs that are the No. 1 source of breaches, combined with autonomous agentic threat hunting that identifies active campaigns and emerging threats and ships production-grade detections in minutes, not days\u003C/li>\u003Cli>\u003Cstrong>DLP and insider threat investigations:\u003C/strong> Browser-layer telemetry and controls to prevent security incidents related to data loss and to provide the evidentiary record for browser activity that traditional DLP tools lack\u003C/li>\u003C/ul>\u003Cp>\u003Cstrong>The first AI-native agentic threat hunting in the secure enterprise browser category\u003C/strong>\u003C/p>\u003Cp>\u003Ca href=\"https://pushsecurity.com/news/push-launches-ai-native-agentic-threat-hunting-for-the-browser\" rel=\"noopener noreferrer\" target=\"_blank\">Launched in May 2026\u003C/a>, Push's agentic detection engine brings a capability that no other secure enterprise browser vendor offers: Autonomous agents that continuously ingest threat research, generate and test detection hypotheses against live browser telemetry, and deploy production-grade detections in minutes.&nbsp;\u003C/p>\u003Cp>This agentic approach, fueled by a research team with deep red and blue team experience, has delivered a threefold increase in new-TTP detection volume in 2026 alone. Push researchers have been first to document and name emerging attack techniques, such as ConsentFix and InstallFix, and to track the massive increase this year in device code phishing campaigns, before they go mainstream. That intelligence feeds directly into the agents, ensuring detections reflect real attacker behavior rather than theoretical frameworks or outdated threat intelligence lists of static IOCs.\u003C/p>\u003Cp>“We compete in the Secure Enterprise Browser market, but we've never lost sight of what matters to security teams: detection depth, not just browser features,” said Bateman. “With this recognition, it’s clear that the market is recognizing the difference.”\u003C/p>\u003Cp>The company also recently announced it has \u003Ca href=\"https://pushsecurity.com/news/push-named-to-redpoint-infrared-100\" rel=\"noopener noreferrer\" target=\"_blank\">been named to the 2026 Redpoint InfraRed 100 Report\u003C/a>, an annual list recognizing ascendant private companies that are building the foundational infrastructure powering the next wave of AI innovation.&nbsp;\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss — all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>\u003Cp>\u003Cstrong>About The Hacker News\u003Cem> \u003C/em>Cybersecurity Stars Awards&nbsp;\u003C/strong>\u003C/p>\u003Cp>The Hacker News Cybersecurity Stars is an inaugural awards program recognizing outstanding innovation, impact, and leadership across the cybersecurity industry. Winners are selected based on technical differentiation, real-world effectiveness, and demonstrable customer outcomes. For more information on the awards program, visit: \u003Ca href=\"https://awards.thehackernews.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://awards.thehackernews.com/\u003C/a>.&nbsp;\u003C/p>",{"large":385},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":387,"@type":47,"tagName":83,"properties":388,"responsiveStyles":389},"builder-pixel-kpiam0l3i0b",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":390},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":392},{"path":29,"query":393},{},{},1783001143916,1781277876568,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F483b71b7f083489388a42f0a6522923f",[],{"hasErrors":6,"hasLinks":6,"winningTest":62,"kind":297,"lastPreviewUrl":400,"breakpoints":401,"originalContentId":402,"hasAutosaves":6},"https://pushsecurity.com/news/push-named-best-secure-enterprise-browser-seb?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=5e427d1630dc42d3b721ecbffd1ca2d7&builder.overrides.5e427d1630dc42d3b721ecbffd1ca2d7=5e427d1630dc42d3b721ecbffd1ca2d7&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},"1e689db009b44f8e9f56956a8958cd89",{"createdDate":404,"id":402,"name":405,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":406,"data":409,"variations":432,"lastUpdated":433,"firstPublished":434,"testRatio":23,"screenshot":435,"createdBy":292,"lastUpdatedBy":25,"folders":436,"meta":437,"rev":362},1780335657458,"PR20260602 Push AI Visibility and Control Capabilities",[407],{"@type":233,"property":234,"operator":235,"value":408},"/news/push-ai-visibility-and-control-capabilities",{"seoDescription":410,"inputs":411,"title":412,"themeId":6,"date":413,"seoTitle":414,"ogImage":373,"image":373,"blocks":415,"url":408,"state":429},"File, clipboard, app and domain controls extend Push’s browser security platform with AI visibility and control delivered as a feature, not a separate AI governance purchase",[],"Push Security Launches New Browser Controls to Prevent Sensitive Data and Secrets Leaking Into Unsanctioned AI Tools","Tue Jun 02 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","Push Security Releases New Browser Controls to Stop Sensitive Data Leaking Into UnauthorizedAI Tools",[416,424],{"@type":47,"@version":48,"id":380,"meta":417,"component":419,"responsiveStyles":422},{"previousId":418},"builder-255e6fe4776f4caf9cf45b051344a15b",{"name":273,"options":420,"isRSC":62},{"text":421},"\u003Cp>\u003Cem>File, clipboard, app and domain controls extend Push’s browser security platform with AI visibility and control delivered as a feature, not a separate AI governance purchase\u003C/em>\u003C/p>\u003Cp>\u003Cstrong>BOSTON — (June 2, 2026) — \u003C/strong>Push Security, the most powerful AI-native security tool in the browser, today launched a new set of browser-layer controls designed to prevent security incidents caused by sensitive data leaving the browser.\u003C/p>\u003Cp>The new capabilities include file upload and download telemetry, with configurable monitor, warn, and block modes; visibility and control over clipboard actions; and automated app and domain categorization. Together these features give security teams real-time visibility and enforcement when intellectual property, source code, customer records, and other sensitive data move to unsanctioned AI tools, personal cloud accounts, and other high-risk destinations.\u003C/p>\u003Cp>“The most common form of sensitive data exposure in the modern enterprise isn’t a stolen laptop or misconfigured storage containers in the cloud,” said Jacques Louw, chief research officer at Push Security. “Too often it’s an engineer integrating an unsanctioned AI assistant with systems that contain source code and secrets, or a customer service agent dragging an exported customer list into a third-party AI tool.\u003C/p>\u003Cp>“Each is a security incident in the making, yet none would generate a useful signal in endpoint DLP, CASB, or secure web gateway tooling, because the activity is happening entirely inside the browser session,” Louw added.\u003C/p>\u003Cp>\u003Cstrong>The scale of the exposure is significant\u003C/strong>\u003C/p>\u003Cp>The \u003Ca href=\"https://www.verizon.com/business/resources/reports/dbir/\" rel=\"noopener noreferrer\" target=\"_blank\">2026 Verizon Data Breach Investigations Report\u003C/a> found that 67% of GenAI users on corporate devices are accessing AI tools through non-corporate accounts. \u003Ca href=\"https://pushsecurity.com/blog/what-push-data-reveals-about-the-state-of-shadow-ai/\" rel=\"noopener noreferrer\" target=\"_blank\">Push’s own telemetry shows\u003C/a> that 37% of file uploads to AI tools come from shadow accounts rather than approved organizational ones, meaning more than a third of the data being shared with AI is moving through accounts outside organizational data governance, retention policies, or basic security oversight.\u003C/p>\u003Cp>“The first wave of AI risk was abstract — boards asking CISOs whether employees were using ChatGPT,” said Adam Bateman, CEO of Push Security. “This new wave is more concrete. Sensitive data is flowing into AI tools through personal accounts with weak passwords, that often have no MFA, and little to no security oversight.\u003C/p>\u003Cp>This means they are one phishing attack away from compromise, and that's a security problem, not a governance problem.”\u003C/p>\u003Cp>\u003Cstrong>New Push browser controls\u003C/strong>\u003C/p>\u003Cp>The same browser telemetry and real-time control architecture that powers Push’s threat detection and identity security now extends to sensitive data exposure:\u003C/p>\u003Cul>\u003Cli>\u003Cstrong>File upload telemetry and blocking. \u003C/strong>Structured event feeds and blocking rules for file uploads, scoped by user group, browser profile, file type, file name, and destination. This stops sensitive documents, source code, or exported data sets from reaching unsanctioned AI tools, personal cloud storage, or other destinations.\u003C/li>\u003Cli>\u003Cstrong>File download telemetry and blocking. \u003C/strong>The same visibility and control applied in reverse, governing what employees pull out of corporate SaaS, AI tools, and other destinations.\u003C/li>\u003Cli>\u003Cstrong>Clipboard monitoring and control.\u003C/strong> Real-time visibility into clipboard copy and paste actions, with configurable Monitor, Warn, and Block modes. Regex-based rules flag sensitive data, such as API keys, personal access tokens, and PII at the point of submission, with telemetry forwarded to SIEM.\u003C/li>\u003Cli>\u003Cstrong>Application categorization. \u003C/strong>Automatic classification of every app Push identifies across the workforce, with category-level blocking for unsanctioned AI tools, personal file sharing, and other risk categories.\u003C/li>\u003Cli>\u003Cstrong>Domain categorization. \u003C/strong>An 89-category framework spanning personal file sharing, unapproved AI tools, adult content, gambling, and more, configurable by user group with in-browser policy banners and block pages.\u003C/li>\u003C/ul>\u003Cp>\u003Cstrong>Investigation telemetry, not just policy alerts\u003C/strong>\u003C/p>\u003Cp>Enforcement-first AI governance tools record what they stopped. That works for compliance reporting, but the most consequential security events are often the ones that looked normal at the time, such as an approved AI extension that quietly expanded its permissions, or an OAuth consent that was technically permitted but should never have been granted.\u003C/p>\u003Cp>Push collects telemetry for permitted events too, not just the ones that triggered a block, and forwards it as structured, context-enriched data to Microsoft Sentinel, Splunk Cloud, Datadog, Panther, Cribl Cloud, or any SIEM reachable by webhook.\u003C/p>\u003Cp>“When a developer uploads a production dataset for testing, or a manager uploads a performance report, the security incident is happening inside the browser tab,” said Louw. “Network tools see the destination. Endpoint tools see disk writes. Neither sees what was typed, uploaded, or pasted in the session.”\u003C/p>\u003Cp>\u003Cstrong>Complementing the security stack you already have\u003C/strong>\u003C/p>\u003Cp>Push complements existing DLP, SIEM, and SOC tooling rather than replacing it. Browser-layer enforcement sits alongside endpoint and network DLP, extending the visibility security teams already have into a new control plane.\u003C/p>\u003Cp>Category-level controls give security teams a durable policy surface. Block, warn, or monitor responses can be applied to entire categories of apps and domains scoped by user groups, letting engineers use approved generative AI tools while restricting access for other populations, without managing per-URL rules.\u003C/p>\u003Cp>These capabilities also run on Push’s existing privacy-preserving architecture. Personal browsing is not monitored by default, plaintext credentials are never collected, and sensitive clipboard data can be redacted.\u003C/p>\u003Cp>\u003Cstrong>AI visibility and control is a feature, not a separate investment\u003C/strong>\u003C/p>\u003Cp>The AI control problem and the browser threat detection problem share a root cause: Security-relevant activity is happening inside browser sessions that most tools cannot see.\u003C/p>\u003Cp>A standalone AI governance tool monitors the AI apps you already know about and tells you whether someone violated a usage policy. But it has no visibility into the unsanctioned tools, personal accounts, and shadow identities where the actual risk concentrates, and it cannot tell you which identity was used, whether that account has MFA, or whether the data just landed in an account the security team has no ability to protect. That is the gap a browser security platform closes.\u003C/p>\u003Cp>“AI visibility and control is a feature of the right browser security platform, not a separate solution,” said Bateman. “The activity is already happening in the browser. The telemetry to see it, and the controls to act on it, belong there too.”\u003C/p>\u003Cp>\u003Cstrong>Availability\u003C/strong>\u003C/p>\u003Cp>File upload and download telemetry and controls (with monitor, warn, and block modes), clipboard monitoring and controls (with warn and block modes), and application and domain categorization are available now to Push customers. Push has also provided more details on the \u003Ca href=\"https://pushsecurity.com/blog/why-you-cant-control-ai-without-being-in-the-browser\" rel=\"noopener noreferrer\" target=\"_blank\">importance of AI visibility in the browser on its blog today\u003C/a>.&nbsp;\u003C/p>\u003Cp>\u003Cstrong>About Push Security&nbsp;\u003C/strong>\u003C/p>\u003Cp>Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss — all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit https://pushsecurity.com or follow @pushsecurity.\u003C/p>",{"large":423},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":425,"@type":47,"tagName":83,"properties":426,"responsiveStyles":427},"builder-pixel-7su8qw499cj",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":428},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":430},{"path":29,"query":431},{},{},1783001162361,1780404593833,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F5eb8a2ec2c5941c68952347aa55de5ae",[],{"hasLinks":6,"winningTest":62,"kind":297,"hasErrors":6,"originalContentId":438,"lastPreviewUrl":439,"breakpoints":440,"hasAutosaves":6},"56725c93652a4dbfa50e774c9de26098","https://pushsecurity.com/news/push-ai-visibility-and-control-capabilities?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=1e689db009b44f8e9f56956a8958cd89&builder.overrides.1e689db009b44f8e9f56956a8958cd89=1e689db009b44f8e9f56956a8958cd89&builder.overrides.press-pages:/news/push-ai-visibility-and-control-capabilities=1e689db009b44f8e9f56956a8958cd89&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},{"createdDate":442,"id":438,"name":443,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":444,"data":447,"variations":470,"lastUpdated":471,"firstPublished":472,"testRatio":23,"screenshot":473,"createdBy":292,"lastUpdatedBy":292,"folders":474,"meta":475,"rev":362},1779908778041,"PR20260527 Push Security Named to Redpoint’s 2026 InfraRed 100 ",[445],{"@type":233,"property":234,"operator":235,"value":446},"/news/push-named-to-redpoint-infrared-100",{"inputs":448,"seoTitle":449,"ogImage":450,"seoDescription":451,"date":452,"image":450,"title":453,"themeId":6,"blocks":454,"url":446,"state":467},[],"Push Security Listed on 2026 Redpoint InfraRed 100 ","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F9741878f0ea747c38ae9fbbc949003c8","Annual InfraRed Report highlights the companies shaping the future of AI and Cloud Infrastructure","Wed May 27 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","Push Security Named to Redpoint’s 2026 InfraRed 100 ",[455,462],{"@type":47,"@version":48,"id":418,"meta":456,"component":457,"responsiveStyles":460},{"previousId":269},{"name":273,"options":458,"isRSC":62},{"text":459},"\u003Cp>\u003Cem>Annual InfraRed Report highlights the companies shaping the future of AI and Cloud Infrastructure\u003C/em>\u003C/p>\u003Cp>\u003Cstrong>BOSTON — May 27, 2026 — \u003C/strong>Push Security, the most powerful AI-native security tool in the browser, today announced it has been named to \u003Ca href=\"https://www.redpoint.com/infrared/100/\" rel=\"noopener noreferrer\" target=\"_blank\">Redpoint Ventures’ 2026 InfraRed 100\u003C/a>, an annual list recognizing ascendant private companies that are building the foundational infrastructure powering the next wave of AI innovation.&nbsp;\u003C/p>\u003Cp>Redpoint is a venture capital firm that has invested at the leading edge of platform shifts for decades, backing generational companies like Snowflake, Twilio, Ramp, Stripe, HashiCorp, and Netflix. Redpoint launched the InfraRed 100 in 2023 to recognize emerging companies building the backbone of the AI era across developer tools, security, data, enterprise platforms, and beyond.\u003C/p>\u003Cp>“Being named to Redpoint's 2026 InfraRed 100 is strong validation for what we've built at Push Security,” said Adam Bateman, CEO of Push Security. “The browser is the gateway through which humans interact with AI and through which attackers compromise modern cloud infrastructure. We've seen a surge in demand for browser and AI security, and this recognition signals the importance of the problem we're solving for the industry.”\u003C/p>\u003Cp>Today’s news marks another milestone in Push’s growing momentum in the secure enterprise browser (SEB) market. Earlier this month, \u003Ca href=\"https://pushsecurity.com/news/push-launches-ai-native-agentic-threat-hunting-for-the-browser\" rel=\"noopener noreferrer\" target=\"_blank\">the company introduced an AI-native, agentic approach to threat hunting and detection engineering within its SEB extension\u003C/a>.&nbsp;\u003C/p>\u003Cp>\"Push was first to bring an agentic browser security platform to market, and we believe that head start is meaningful,” said Bateman. “The pace at which AI is changing how attackers operate means defenders need tools that can match that speed. We're building those tools, and being recognized by Redpoint alongside the companies shaping the future of AI infrastructure tells us we're in exactly the right place at the right time.”\u003C/p>\u003Cp>To commemorate its fourth year, Redpoint is convening InfraRed 100 founders at SFMOMA for an evening of celebration and intimate discussion of the next chapter to come in the AI era. The full list of InfraRed 100 honorees - and Redpoint’s perspective on the enabling layer powering AI adoption at scale and the year to come - is available \u003Ca href=\"https://www.redpoint.com/infrared/report/\" rel=\"noopener noreferrer\" target=\"_blank\">here\u003C/a>.&nbsp;&nbsp;\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss — all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>\u003Cp>\u003Cstrong>About Redpoint Ventures\u003C/strong>\u003C/p>\u003Cp>Redpoint Ventures partners with founders redefining how people live and work through technology. Since 1999, Redpoint has invested across seed, early, and growth stages in companies including Snowflake, Stripe, Twilio, HashiCorp, Ramp, Netflix, Looker, and Nubank. The firm manages $7.0 billion across multiple funds. Learn more at \u003Ca href=\"http://redpoint.com\" rel=\"noopener noreferrer\" target=\"_blank\">redpoint.com\u003C/a>.\u003C/p>",{"large":461},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":463,"@type":47,"tagName":83,"properties":464,"responsiveStyles":465},"builder-pixel-7uv0dr6rjjd",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":466},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":468},{"path":29,"query":469},{},{},1779909098787,1779909098762,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F64b10c8a359b42568ce5e58219ddd8e1",[],{"winningTest":62,"kind":297,"originalContentId":252,"hasLinks":6,"hasErrors":6,"breakpoints":476,"lastPreviewUrl":477,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},"https://pushsecurity.com/news/push-named-to-redpoint-infrared-100?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=56725c93652a4dbfa50e774c9de26098&builder.overrides.56725c93652a4dbfa50e774c9de26098=56725c93652a4dbfa50e774c9de26098&builder.overrides.press-pages:/news/push-named-to-redpoint-infrared-100=56725c93652a4dbfa50e774c9de26098&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"createdDate":255,"id":252,"name":256,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":479,"data":481,"variations":498,"lastUpdated":289,"firstPublished":290,"testRatio":23,"screenshot":291,"createdBy":292,"lastUpdatedBy":293,"folders":499,"meta":500,"rev":362},[480],{"@type":233,"property":234,"operator":235,"value":260},{"seoTitle":262,"seoDescription":263,"title":262,"ogImage":264,"themeId":6,"image":264,"date":265,"inputs":482,"blocks":483,"url":260,"state":495},[],[484,490],{"@type":47,"@version":48,"id":269,"meta":485,"component":486,"responsiveStyles":488},{"previousId":271},{"name":273,"options":487,"isRSC":62},{"text":275},{"large":489},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":491,"@type":47,"tagName":83,"properties":492,"responsiveStyles":493},"builder-pixel-viuqf8ngf1",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":494},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":496},{"path":29,"query":497},{},{},[],{"breakpoints":501,"winningTest":62,"hasLinks":6,"kind":297,"lastPreviewUrl":298,"originalContentId":299,"hasErrors":6,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":503,"id":299,"name":504,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":505,"data":508,"variations":531,"lastUpdated":532,"firstPublished":533,"testRatio":23,"screenshot":534,"createdBy":292,"lastUpdatedBy":25,"folders":535,"meta":536,"rev":362},1772643697281,"PR20260305 Push Security Launches Malicious Browser Extension Blocking",[506],{"@type":233,"property":234,"operator":235,"value":507},"/news/push-launches-malicious-browser-extension-blocking",{"themeId":6,"seoTitle":509,"inputs":510,"ogImage":374,"title":511,"seoDescription":512,"image":374,"date":513,"blocks":514,"url":507,"state":528},"Push Security Launches Malicious Browser Extension Blocking ",[],"Push Security Launches Malicious Browser Extension Blocking to Stop Emerging Extension-Based Attacks","New capability enables organizations to detect malicious browser extensions and automatically block them from running in employee browsers.","Thu Mar 05 2026 00:00:00 GMT-0800 (Pacific Standard Time)",[515,523],{"@type":47,"@version":48,"id":271,"meta":516,"component":518,"responsiveStyles":521},{"previousId":517},"builder-262d880c4939468096ef7b73f4af7ddf",{"name":273,"options":519,"isRSC":62},{"text":520},"\u003Cp>\u003Cem>New capability enables organizations to detect malicious browser extensions and automatically block them from running in employee browsers.\u003C/em>\u003C/p>\u003Cp>\u003Cstrong>BOSTON — (March 5, 2026) —\u003C/strong> Push Security, the most powerful AI-native security tool in the browser, today announced today announced new malicious browser extension detection and blocking capabilities within its browser-based security platform. This new feature will enable organizations to automatically block known-bad extensions from running in employee browsers.\u003C/p>\u003Cp>Attackers are increasingly turning to malicious browser extensions as a preferred method of compromise. \u003Ca href=\"https://pushsecurity.com/blog/browser-extension-management-guide\" rel=\"noopener noreferrer\" target=\"_blank\">Recent campaigns such as ShadyPanda, ZoomStealer, and GhostPoster\u003C/a>, along with breaches impacting vendors including Cyberhaven and Trust Wallet, highlight the growing risk posed by compromised extensions.\u003C/p>\u003Cp>“Browser extensions represent one of the most under-monitored attack vectors in modern enterprises,” said Jacques Louw, chief product officer at Push Security. “For modern organizations running different operating systems and browsers across their workforce, it’s hard to know what’s running — let alone what is malicious.”&nbsp;\u003C/p>\u003Cp>\u003Cstrong>A growing and miscalculated threat\u003C/strong>\u003C/p>\u003Cp>Nearly every major app now has a browser extension counterpart, alongside thousands of AI overlays, screen recorders, spell checkers, and design tools. The \u003Ca href=\"https://chromewebstore.google.com/\" rel=\"noopener noreferrer\" target=\"_blank\">Chrome Web Store\u003C/a> alone hosts more than 100,000 extensions, making it clear that this is an expanding attack surface that many organizations do not fully understand.\u003C/p>\u003Cp>“Compounding the issue, most malicious extensions do not begin as malicious,” said Louw. “Attackers frequently create initially benign extensions and later push malicious updates, or&nbsp;take over existing extensions with large install bases, by hacking extension devs, or simply by purchasing the extension legitimately. Once a malicious update is deployed, every browser running the extension can be compromised when their browser next updates.”\u003C/p>\u003Cp>“Simply blocking extensions altogether is unrealistic for most organizations,” he continued. “Security teams need visibility and enforcement without disrupting productivity.”\u003C/p>\u003Cp>Extension code is routinely analyzed as part of the extension upload and approval process; however, attackers routinely evade detection using obfuscated and dynamically compiled code. Extensions are often flagged only after malicious activity is observed in the wild and, more frequently, after a breach has occurred. Even when removed from the store, extensions may remain active in user browsers, underlining the importance of being able to detect and block extensions independently of the web store.\u003C/p>\u003Cp>Push’s new capability enables organizations to automatically block known malicious extensions from running in employee browsers, derived from Push’s continuously updated intelligence database of reported malicious extensions. Customers can enforce policies in monitor or block mode via the Push admin console. When a malicious extension is detected, the platform generates severity-based alerts and can automatically disable the extension in affected browsers.\u003C/p>\u003Cp>Beyond blocking known-bad extensions, Push provides real-time visibility into all extensions running across an organization’s workforce, including metadata such as publisher history, permissions, deployment method, and update activity. This enables security teams to seamlessly manage extensions across browsers and operating systems from a single platform, identify risky extensions, implement allowlists or blocklists, and monitor for suspicious changes such as changes in ownership or permissions.\u003C/p>\u003Cp>The new feature expands Push’s browser-based security platform, which also protects against adversary-in-the-middle (AiTM) phishing, credential stuffing, session hijacking, and other browser-native attack techniques.\u003C/p>\u003Cp>\u003Cstrong>Availability\u003C/strong>\u003C/p>\u003Cp>Malicious extension detection and blocking is available now to Push customers. For more information on malicious browser extension blocking, check out today’s \u003Ca href=\"https://pushsecurity.com/blog/browser-extension-management-guide\" rel=\"noopener noreferrer\" target=\"_blank\">Push blog post\u003C/a>.\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss — all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":522},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":524,"@type":47,"tagName":83,"properties":525,"responsiveStyles":526},"builder-pixel-sxqhyejruu",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":527},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":529},{"path":29,"query":530},{},{},1782828960265,1772715804987,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fd284a71db78248f496f9487fd0634c4f",[],{"kind":297,"hasLinks":6,"originalContentId":537,"breakpoints":538,"winningTest":62,"lastPreviewUrl":539,"hasErrors":6,"hasAutosaves":6},"22e996cafde44614a602b3656627987e",{"xsmall":31,"small":32,"medium":33},"https://pushsecurity.com/news/push-launches-malicious-browser-extension-blocking?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=33f99f60cb084b399cd665ea33353de5&builder.overrides.33f99f60cb084b399cd665ea33353de5=33f99f60cb084b399cd665ea33353de5&builder.overrides.press-pages:/news/push-launches-malicious-browser-extension-blocking=33f99f60cb084b399cd665ea33353de5&builder.options.locale=Default",{"createdDate":541,"id":537,"name":542,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":543,"data":546,"variations":569,"lastUpdated":570,"firstPublished":571,"testRatio":23,"screenshot":572,"createdBy":292,"lastUpdatedBy":292,"folders":573,"meta":574,"rev":362},1765824936505,"PR20251217 Push Security Launches ClickFix Detection",[544],{"@type":233,"property":234,"operator":235,"value":545},"/news/push-launches-clickfix-detection",{"image":373,"seoTitle":547,"seoDescription":548,"inputs":549,"ogImage":373,"date":550,"themeId":6,"title":551,"blocks":552,"url":545,"state":566},"Push Security Launches ClickFix Detection","New feature detects and blocks one of the fastest-growing cyberattack techniques at the source, protecting users before malware is delivered or their account is compromised",[],"Wed Dec 17 2025 00:00:00 GMT-0800 (Pacific Standard Time)","Push Security Launches Malicious Copy-and-Paste Detection to Stop ClickFix Attacks in the Browser",[553,561],{"@type":47,"@version":48,"id":517,"meta":554,"component":556,"responsiveStyles":559},{"previousId":555},"builder-32ec389f723e4e5492cdf8edd28e2f2e",{"name":273,"options":557,"isRSC":62},{"text":558},"\u003Cp>\u003Cem>New feature detects and blocks one of the fastest-growing cyberattack techniques at the source, protecting users before malware is delivered or their account is compromised\u003C/em>\u003C/p>\u003Cp>\u003Cstrong>BOSTON — Dec. 17, 2025 —\u003C/strong> Push Security, the most powerful AI-native security tool in the browser, today announced the release of a new feature designed to tackle one of the fastest-growing cyber threats: ClickFix-style attacks. The company’s latest innovation, malicious copy-and-paste detection, blocks users from copying malicious scripts in their web browser — preventing them from being run on machines, and cutting off attackers at the earliest opportunity.\u003C/p>\u003Cp>Push Security’s malicious copy-and-paste detection identifies and blocks the exact user action that makes ClickFix possible. By monitoring copy events in the browser, Push can distinguish legitimate activity, such as code copied from GitHub or SIEM tools, from malicious scripts. This approach ensures high-fidelity alerts and minimal false positives without disrupting employee workflows or productivity.\u003C/p>\u003Cp>“ClickFix is now one of the most effective ways attackers have at their disposal to steal&nbsp;business data and disrupt operations,” said Jacques Louw, chief product officer at Push Security. “Existing email and network security tools struggle to detect it during delivery, and endpoint controls are being routinely bypassed during execution. Our new feature changes the game by stopping these attacks right where they start: in the browser.”\u003C/p>\u003Cp>\u003Ca href=\"https://www.microsoft.com/en-us/security/blog/2025/08/21/think-before-you-clickfix-analyzing-the-clickfix-social-engineering-technique/\" rel=\"noopener noreferrer\" target=\"_blank\">ClickFix\u003C/a>, also known as fake CAPTCHA attacks with variants like FileFix, has rapidly become a go-to technique for cybercriminals. Reports show a \u003Ca href=\"https://www.scworld.com/news/clickfix-phishing-links-increased-nearly-400-in-12-months-report-says\" rel=\"noopener noreferrer\" target=\"_blank\">400% year-over-year increase\u003C/a> in ClickFix attacks, with a separate study citing a \u003Ca href=\"https://web-assets.esetstatic.com/wls/en/papers/threat-reports/eset-threat-report-h12025.pdf\" rel=\"noopener noreferrer\" target=\"_blank\">517% surge\u003C/a> in just the last six months. The attack method is frequently leveraged by groups such as \u003Ca href=\"https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-203a\" rel=\"noopener noreferrer\" target=\"_blank\">Interlock ransomware\u003C/a> and has been linked to several high-profile enterprise breaches in a variety of industries including financial services, healthcare, and retail as well as state and local government.&nbsp;\u003C/p>\u003Cp>Unlike traditional phishing, ClickFix attacks manipulate victims into copying malicious code from a fake web challenge, such as a CAPTCHA or “page error,” and running it locally. From there, attackers deliver malware, steal credentials and session cookies, and often deploy ransomware for double extortion.\u003C/p>\u003Cp>“We see attack techniques like ClickFix evolve faster than traditional defenses can keep up. So for us, it is key to study attacker behavior in depth and design protections around the actions they can’t avoid,” said Louw. “This research-driven approach allows us to deliver practical, universally effective controls that other vendors often overlook, and it’s what we believe sets us apart as a true innovator in browser security.”\u003C/p>\u003Cp>Key benefits of Push’s malicious copy-and-paste detection include:\u003C/p>\u003Cul>\u003Cli>Universal protection: Effective across all ClickFix variants, regardless of lure type, delivery channel, or malware payload.\u003C/li>\u003Cli>Seamless user experience: Unlike heavy-handed endpoint or DLP controls, Push protects without blocking legitimate copy-paste activity.\u003C/li>\u003Cli>Early intervention: Stops attackers before malware delivery, rather than relying on endpoint detection after the fact.\u003C/li>\u003C/ul>\u003Cp>This new feature adds another layer to Push Security’s browser-based defense platform, which already protects organizations against phishing, session hijacking, credential stuffing, malicious browser extensions, malicious OAuth integrations, and other browser-based attacks.\u003C/p>\u003Cp>For a demo of the feature in action, \u003Ca href=\"https://youtu.be/u28oeQuMRWU\" rel=\"noopener noreferrer\" target=\"_blank\">watch this video\u003C/a>.\u003C/p>\u003Cp>In addition, the research team’s continued deep dive into ClickFix also led to the discovery last week of a new ClickFix-style technique it has since dubbed “ConsentFix.” This new browser-based attack takes over user accounts with a simple copy and paste. If a user is already logged into the app in their browser, they don’t even need to supply credentials, or pass an MFA check — meaning it effectively circumvents phishing-resistant auth like passkeys too. The team has issued a detailed report on ConsentFix and how to protect against it on the \u003Ca href=\"https://pushsecurity.com/blog/consentfix/\" rel=\"noopener noreferrer\" target=\"_blank\">Push Security blog\u003C/a>.\u003C/p>\u003Cp>To learn more about how Push Security protects organizations against browser-based attacks, visit the \u003Ca href=\"https://pushsecurity.com/uc/clickfix-protection\" rel=\"noopener noreferrer\" target=\"_blank\">ClickFix protection section of the website\u003C/a> or book a \u003Ca href=\"https://pushsecurity.com/demo/\" rel=\"noopener noreferrer\" target=\"_blank\">live demo\u003C/a> with the Push team.\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss — all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":560},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":562,"@type":47,"tagName":83,"properties":563,"responsiveStyles":564},"builder-pixel-us41jvph1db",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":565},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":567},{"path":29,"query":568},{},{},1778783140871,1765978282681,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe6888684bf02415b95e4d118910f87d0",[],{"hasLinks":6,"lastPreviewUrl":575,"originalContentId":576,"breakpoints":577,"winningTest":62,"kind":297,"hasErrors":6,"hasAutosaves":6},"https://pushsecurity.com/news/push-launches-clickfix-detection?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=22e996cafde44614a602b3656627987e&builder.overrides.22e996cafde44614a602b3656627987e=22e996cafde44614a602b3656627987e&builder.overrides.press-pages:/news/push-launches-clickfix-detection=22e996cafde44614a602b3656627987e&builder.options.locale=Default","178c7886571d480096239b9e63b5528e",{"xsmall":31,"small":32,"medium":33},{"createdDate":579,"id":576,"name":580,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":581,"data":584,"variations":604,"lastUpdated":605,"firstPublished":606,"testRatio":23,"screenshot":607,"createdBy":292,"lastUpdatedBy":292,"folders":608,"meta":609,"rev":362},1765392005379,"PR20251211 Push Identifies ConsentFix",[582],{"@type":233,"property":234,"operator":235,"value":583},"/news/push-identifies-consent-fix",{"image":450,"seoTitle":585,"ogImage":450,"themeId":6,"title":586,"seoDescription":587,"date":588,"blocks":589,"url":583,"state":601},"Push Security Identifies \"ConsentFix\", New In-Browser Phishing Attack","Push Security Uncovers “ConsentFix”: A New Class of Browser-Native Phishing Attack","ClickFix-style attack hijacks OAuth consent grants to take over Microsoft accounts, bypassing passwords, passkeys and MFA","Thu Dec 11 2025 00:00:00 GMT-0800 (Pacific Standard Time)",[590,596],{"@type":47,"@version":48,"id":555,"component":591,"responsiveStyles":594},{"name":273,"options":592,"isRSC":62},{"text":593},"\u003Cp>\u003Cem>ClickFix-style attack hijacks OAuth consent grants to take over Microsoft accounts, bypassing passwords, passkeys and MFA\u003C/em>\u003C/p>\u003Cp>\u003Cstrong>\u003Cem>﻿\u003C/em>\u003C/strong>LONDON, BLACK HAT, EUROPE — Dec. 11, 2025 — (Booth #305) Push Security, a leader in browser-based detection and response, today announced the discovery of a new class of phishing attack that enables Microsoft account takeover simply by copy-and-pasting a URL.&nbsp;\u003C/p>\u003Cp>Dubbed “ConsentFix” by Push Security researchers, this browser-based phishing attack enables full account takeover without ever capturing a password or triggering MFA, marking a significant evolution in phishing techniques. Push researchers detected and blocked the attack across multiple Push customers, demonstrating that this new technique is already being used in the wild.\u003C/p>\u003Cp>ConsentFix is best understood as a browser-native ClickFix attack that leads to the compromise of an OAuth token on a target application, in this case, Microsoft. The attack detected by Push sees the victim tricked into logging into Azure CLI, by generating an OAuth authorization code — visible in a localhost URL — and then pasting that URL, including the code, into the phishing page.\u003C/p>\u003Cp>This new technique demonstrates the fast-evolving threat landscape. This year, ClickFix attacks were one of the fastest growing attack types. In fact, \u003Ca href=\"https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/msc/documents/presentations/CSR/Microsoft-Digital-Defense-Report-2025.pdf#page=1\" rel=\"noopener noreferrer\" target=\"_blank\">according to Microsoft 47% of attacks started with ClickFix\u003C/a> in the last year, while OAuth consent grants were widely abused by attackers like \u003Ca href=\"https://pushsecurity.com/blog/scattered-lapsus-hunters/\" rel=\"noopener noreferrer\" target=\"_blank\">Scattered Lapsus$ Hunters\u003C/a> in the campaign against Salesforce customers. But attackers have already iterated on these successful techniques with ConsentFix, combining the effective social engineering of ClickFix with OAuth abuse.&nbsp;\u003C/p>\u003Cp>This is a significant challenge for security teams for a number of reasons:\u003C/p>\u003Cul>\u003Cli>There’s no login required, therefore phishing-resistant authentication controls like passkeys have no impact on this attack.\u003C/li>\u003Cli>The attack happens entirely inside the browser context, removing one of the key detection opportunities for ClickFix attacks because it doesn’t touch the endpoint.\u003C/li>\u003Cli>Delivering the lure via Google Search completely circumvents email-based anti-phishing controls.\u003C/li>\u003Cli>Targeting a first-party app like Azure CLI means that many of the controls available for restricting and blocking third-party app integrations do not apply.\u003C/li>\u003Cli>The use of advanced detection evasion techniques makes this attack difficult to investigate, meaning these attacks are going undetected.&nbsp;\u003C/li>\u003C/ul>\u003Cp>“This technique is incredibly sophisticated,” said Jacques Louw, chief product officer at Push Security. “Not only is it technically designed to evade detection and bypass protective identity controls, it’s something that users aren’t necessarily trained to be on guard against. They don’t need to give their credentials or MFA codes away — they’re just pasting a URL.”\u003C/p>\u003Cp>\u003Cstrong>Copy-and-Paste to Full Access: How ConsentFix Works\u003C/strong>\u003C/p>\u003Cp>In the ConsentFix attacks observed by Push, victims were funneled through Google Search to compromised but reputable websites injected with a fake Cloudflare Turnstile challenge.&nbsp;\u003C/p>\u003Cp>After entering a valid corporate email, victims were then prompted to click a “Sign In” button that directs to a legitimate Microsoft page. If the victim is already logged into Microsoft in their browser, no further login is required and they are redirected to a localhost URL containing an OAuth authorization code for their Microsoft account. The final step was simply to paste that URL back into the original page, completing the malicious consent grant.&nbsp;\u003C/p>\u003Cp>Push researchers warn that attackers specifically targeted Microsoft Azure CLI, a first-party application implicitly trusted across Entra ID tenants. Unlike third-party OAuth apps, Azure CLI:\u003C/p>\u003Cul>\u003Cli>Cannot be blocked or deleted\u003C/li>\u003Cli>Can request powerful permissions without admin approval\u003C/li>\u003Cli>Is allowed to use internal or undocumented Graph scopes\u003C/li>\u003Cli>Is exempt from many tenant-level consent restrictions\u003C/li>\u003C/ul>\u003Cp>This makes it an exceptionally valuable target — and significantly limits available preventative controls.\u003C/p>\u003Cp>“ConsentFix completely sidesteps the traditional defenses that companies rely on,” said Louw. “The lure comes through Google Search, the pages are designed to evade detection, and it exploits a trusted first-party app that you can’t restrict. It’s a huge challenge for security teams.”\u003C/p>\u003Cp>\u003Cstrong>Detection Guidance\u003C/strong>\u003C/p>\u003Cp>Push warns that attackers are likely to integrate ConsentFix into phishing kits, broadening access and expanding beyond Microsoft targets to other cloud ecosystems. For now, organizations should monitor for unusual Azure CLI login events, especially for standard users.\u003C/p>\u003Cp>Since the attacker is intentionally leveraging legacy scopes to evade detection, organizations should ensure that AADGraphActivityLogs is enabled and monitored to be able to search for unusual activity such as AD enumeration.\u003C/p>\u003Cp>For more details about how ConsentFix works and security recommendations, check out the full research report on the \u003Ca href=\"https://pushsecurity.com/blog/consentfix\" rel=\"noopener noreferrer\" target=\"_blank\">Push Security blog\u003C/a> or visit the team at Black Hat Europe this week in London at booth #305.\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss — all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":595},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":597,"@type":47,"tagName":83,"properties":598,"responsiveStyles":599},"builder-pixel-i6bxdeaqu5",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":600},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":602},{"path":29,"query":603},{},{},1778530537606,1765462282867,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F99bf1283c4c846dfb3fb8e03aa265de2",[],{"hasLinks":6,"lastPreviewUrl":610,"kind":297,"breakpoints":611,"hasAutosaves":6},"https://pushsecurity.com/news/push-identifies-consent-fix?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=178c7886571d480096239b9e63b5528e&builder.overrides.178c7886571d480096239b9e63b5528e=178c7886571d480096239b9e63b5528e&builder.overrides.press-pages:/news/push-identifies-consent-fix=178c7886571d480096239b9e63b5528e&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},{"createdDate":613,"id":614,"name":615,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":616,"data":619,"variations":640,"lastUpdated":641,"firstPublished":642,"testRatio":23,"screenshot":643,"createdBy":292,"lastUpdatedBy":292,"folders":644,"meta":645,"rev":362},1761751202674,"173e91572a2f465da724069aeffeeda5","PR20251030 LinkedIn Phishing Campaign",[617],{"@type":233,"property":234,"operator":235,"value":618},"/news/push-security-identifies-linkedin-phishing-campaign",{"seoTitle":620,"date":621,"seoDescription":622,"image":264,"title":623,"themeId":6,"blocks":624,"url":618,"state":637},"Push Security Sees Increase in Sophisticated LinkedIn-based Phishing Campaigns","Thu Oct 30 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","Push Security finds attackers are increasingly chaining legitimate Google and Microsoft services to mask phishing lures, bypassing traditional detection methods","Push Security Identifies Surge in Sophisticated LinkedIn-based Phishing Campaigns",[625,632],{"@type":47,"@version":48,"id":626,"component":627,"responsiveStyles":630},"builder-bfe77aa6bb5c43cfb4eeebd21e77f6a8",{"name":273,"options":628,"isRSC":62},{"text":629},"\u003Cp>\u003Cem>Attackers are increasingly chaining legitimate Google and Microsoft services to mask phishing lures, bypassing traditional detection methods\u003C/em>\u003C/p>\u003Cp>BOSTON — Oct. 30, 2025 — Push Security, a leader in browser-based detection and response, today announced the \u003Ca href=\"https://pushsecurity.com/blog/new-phishing-campaign-identified-targeting-linkedin-users\" rel=\"noopener noreferrer\" target=\"_blank\">discovery of a LinkedIn-based phishing campaign \u003C/a>that reflects a broader and accelerating trend: attackers are moving beyond email to target business users through social platforms like LinkedIn, while leveraging legitimate cloud services to disguise their attacks.\u003C/p>\u003Cp>In this latest campaign, intercepted by Push’s browser-native security platform, the attackers used a complex series of redirects through trusted Google and Microsoft services — including Google Search, Firebase, and Microsoft Dynamics — before landing victims on a credential-stealing page impersonating Microsoft.\u003C/p>\u003Cp>“Phishing attacks are no longer confined to the inbox,” said Adam Bateman, CEO of Push Security. “Attackers are meeting employees everywhere they work and communicate — including apps like LinkedIn — and they’re hiding in plain sight behind trusted domains that traditional defenses are programmed to ignore.”\u003C/p>\u003Cp>\u003Cstrong>A Growing Trend: LinkedIn as a Phishing Channel\u003C/strong>\u003C/p>\u003Cp>Push’s researchers have observed a sharp increase in phishing lures sent through **LinkedIn direct messages, exploiting the fact that the platform is widely used for legitimate professional outreach but falls outside the visibility of traditional enterprise email security tools. This is the \u003Ca href=\"https://pushsecurity.com/blog/how-push-stopped-a-high-risk-linkedin-spear-phishing-attack/\" rel=\"noopener noreferrer\" target=\"_blank\">second LinkedIn-targeted campaign\u003C/a> identified by Push in recent months, suggesting that attackers are increasingly viewing the platform as a reliable route to reach high-value targets such as executives, sales leaders, and hiring managers.\u003C/p>\u003Cp>Because LinkedIn sits outside enterprise phishing filters and other traditional cybersecurity solutions, attackers are able to initiate contact, send malicious links, and socially engineer victims with fewer barriers,” said Jacques Louw, chief product officer at Push Security. “The result is a blind spot in enterprise visibility and control, leaving employees exposed even on devices managed by corporate IT.\u003C/p>\u003Cp>\u003Cstrong>Legitimate Services Used to Evade Detection\u003C/strong>\u003C/p>\u003Cp>In this campaign, the attackers used a multi-layered redirect chain involving legitimate cloud services — such as Google Sites, Google Search, Firebase, and Microsoft Dynamics — to mask the destination of malicious links. By embedding redirects through reputable domains, attackers can dramatically reduce the likelihood of their links being flagged or blocked by automated tools.\u003C/p>\u003Cp>Attackers also deployed \u003Ca href=\"https://www.cloudflare.com/application-services/products/turnstile/\" rel=\"noopener noreferrer\" target=\"_blank\">Cloudflare Turnstile bot protection\u003C/a> to prevent automated analysis of their phishing sites, and used page obfuscation techniques — randomizing visual elements, titles, and code structures — to defeat detection signatures.\u003C/p>\u003Cp>“These tactics are becoming increasingly common in the phishing ecosystem and reflect just how well attackers understand how modern defenses operate,” said Louw. “We’re seeing adversaries take advantage of the trust placed in legitimate services like Google and Microsoft to build redirect chains that hide their activity. This level of sophistication means phishing is becoming increasingly difficult to detect and stop for most organizations.”\u003C/p>\u003Cp>\u003Cstrong>From LinkedIn Chat to Credential Theft\u003C/strong>\u003C/p>\u003Cp>The attack sequence began with a LinkedIn direct message containing a seemingly benign link. After a series of redirects through legitimate platforms, the victim was presented with a Microsoft-branded “view document” page protected by a Cloudflare Turnstile challenge. Once completed, the victim was served an adversary-in-the-middle (AiTM) phishing page designed to steal the user’s Microsoft session, bypassing controls like MFA.\u003C/p>\u003Cp>The rise of social media–delivered phishing campaigns underscores a broader shift in attacker strategy. As defenses around corporate email improve, adversaries are turning to less-guarded communication channels — and coupling them with legitimate cloud services — to maximize reach and minimize detection.\u003C/p>\u003Cp>Push researchers expect this trend to continue, with future phishing operations blending across channels and platforms that sit outside traditional enterprise security visibility.\u003C/p>\u003Cp>\u003Cstrong>Push Security’s Advantage: Real-Time, Browser-Based Detection\u003C/strong>\u003C/p>\u003Cp>Push Security detected and blocked the attack in real time by identifying the malicious activity in the user’s browser session—where the attack actually unfolds—rather than relying on URL reputation, email scanning, or threat intelligence feeds.\u003C/p>\u003Cp>“These campaigns show how attackers are bypassing every traditional control point — email gateways, link scanners, domain filters — by abusing the same trusted tools that enterprises rely on,” said Louw. “Push protects users in real-time in the browser, no matter how or where malicious content reaches the user.”\u003C/p>\u003Cp>Push’s browser-native platform identifies and blocks a wide range of browser-based attacks, including AiTM phishing, credential stuffing, session hijacking, and password reuse. Beyond detection, Push also helps organizations harden their identity attack surface by uncovering security gaps such as unmanaged logins, weak MFA coverage, and risky OAuth integrations.\u003C/p>\u003Cp>For more details on this campaign, check out our \u003Ca href=\"https://pushsecurity.com/blog/new-phishing-campaign-identified-targeting-linkedin-users\" rel=\"noopener noreferrer\" target=\"_blank\">research blog post here\u003C/a>.\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss — all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":631},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":633,"@type":47,"tagName":83,"properties":634,"responsiveStyles":635},"builder-pixel-wrfscx6ny59",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":636},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":638},{"path":29,"query":639},{},{},1778019828396,1761825760362,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ff2be5f689d9046d19233a6c044ed35c6",[],{"hasLinks":6,"kind":297,"lastPreviewUrl":646,"breakpoints":647,"hasAutosaves":6},"https://pushsecurity.com/news/push-security-identifies-linkedin-phishing-campaign?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=173e91572a2f465da724069aeffeeda5&builder.overrides.173e91572a2f465da724069aeffeeda5=173e91572a2f465da724069aeffeeda5&builder.overrides.press-pages:/news/push-security-identifies-linkedin-phishing-campaign=173e91572a2f465da724069aeffeeda5&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},{"createdDate":649,"id":650,"name":651,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":652,"data":655,"variations":675,"lastUpdated":676,"firstPublished":677,"testRatio":23,"screenshot":678,"createdBy":292,"lastUpdatedBy":292,"folders":679,"meta":680,"rev":362},1761580246694,"a5634c88296f4fa0b457871431d30bb9","PR20251028 Push Security Guidepoint Partnership",[653],{"@type":233,"property":234,"operator":235,"value":654},"/news/push-security-guidepoint-strategic-partnership",{"seoTitle":656,"seoDescription":657,"date":658,"title":656,"themeId":6,"image":373,"blocks":659,"url":654,"state":672},"Push Security and GuidePoint Security Announce Strategic Partnership to Bring Browser-Based Defense to Customers","Push Security and GuidePoint Security Announces Strategic Partnership with Guidepoint Security","Tue Oct 28 2025 00:00:00 GMT-0700 (Pacific Daylight Time)",[660,667],{"@type":47,"@version":48,"id":661,"component":662,"responsiveStyles":665},"builder-cbdafed7512e4ab6b2debd1e83af1f90",{"name":273,"options":663,"isRSC":62},{"text":664},"\u003Cp>\u003Cem>New partnership brings real-time detection and response to the browser for GuidePoint customers&nbsp;\u003C/em>\u003C/p>\u003Cp>BOSTON – Oct. 28, 2025 – \u003Ca href=\"https://www.pushsecurity.com\" rel=\"noopener noreferrer\" target=\"_blank\">Push Security\u003C/a>, a leader in browser-based detection and response, today announced a strategic reseller partnership with \u003Ca href=\"http://www.guidepointsecurity.com\" rel=\"noopener noreferrer\" target=\"_blank\">GuidePoint Security\u003C/a>, the leading cybersecurity solution provider that helps organizations make better decisions that minimize risk. Through this partnership, GuidePoint customers will have access to real-time detection, response, and protection through the browser against modern threats such as phishing, session hijacking, and malicious browser extensions.\u003C/p>\u003Cp>The browser has become the new endpoint, where employees log into cloud apps, move data, build products, and interact with customers. While traditional security tools still focus on endpoints and networks, the browser remains a blind spot: full of risk, but largely unmonitored.\u003C/p>\u003Cp>\"The browser is where work happens and attackers operate, making it the new security battleground,\" said Bryan Wallace, vice president of global partnerships at Push Security. \"Our partnership with GuidePoint Security puts advanced, browser-based detection and response in the hands of more security teams, helping them spot threats faster and act before any damage is done.”\u003C/p>\u003Cp>The Push platform gives defenders full visibility into user activity, attacker behavior, and session-level risk, while enforcing protective controls like MFA and SSO. Push Security works in any modern browser, deploys in minutes, and integrates seamlessly with existing stacks — making it accessible to security teams of any size. And because it was built by a team with deep offensive security expertise, the platform is designed with an attacker’s perspective in mind — ensuring defenses that reflect how real threats unfold in the browser.\u003C/p>\u003Cp>“Attackers are innovating quickly, and security teams need tools built with an attacker’s mindset in order to keep up,\" said Justin Iwaniszyn, director, new and emerging alliances at GuidePoint Security. \"Our partnership with Push enables our customers to improve visibility and better detect, secure and respond to browser threats in real time.”\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss — all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":666},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":668,"@type":47,"tagName":83,"properties":669,"responsiveStyles":670},"builder-pixel-levisskubj",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":671},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":673},{"path":29,"query":674},{},{},1778019852429,1761653104382,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8f8b18de21da4190a273234a0e31c482",[],{"lastPreviewUrl":681,"hasLinks":6,"kind":297,"breakpoints":682,"hasAutosaves":6},"https://pushsecurity.com/news/push-security-guidepoint-strategic-partnership?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=a5634c88296f4fa0b457871431d30bb9&builder.overrides.a5634c88296f4fa0b457871431d30bb9=a5634c88296f4fa0b457871431d30bb9&builder.overrides.press-pages:/news/push-security-guidepoint-strategic-partnership=a5634c88296f4fa0b457871431d30bb9&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},{"createdDate":684,"id":685,"name":686,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":687,"data":690,"variations":711,"lastUpdated":712,"firstPublished":713,"testRatio":23,"screenshot":714,"createdBy":292,"lastUpdatedBy":715,"folders":716,"meta":717,"rev":362},1757084000011,"7a6162b6b88948fea751108cf7b9be94","PR20250909 Push Security Welcomes Mark-Orlando Field-CTO",[688],{"@type":233,"property":234,"operator":235,"value":689},"/news/push-security-welcomes-mark-orlando-field-cto",{"seoDescription":691,"title":692,"seoTitle":693,"themeId":6,"date":694,"image":450,"blocks":695,"url":689,"state":708},"Mark Orlando joins Push Security as new Field CTO","Push Security Welcomes Veteran Cybersecurity Leader and SANS Instructor Mark Orlando as Field CTO","Push Security Welcomes New Field CTO","Tue Sep 09 2025 00:00:00 GMT-0700 (Pacific Daylight Time)",[696,703],{"@type":47,"@version":48,"id":697,"component":698,"responsiveStyles":701},"builder-c51756c656f841549d24adbb706ab0c9",{"name":273,"options":699,"isRSC":62},{"text":700},"\u003Cp>\u003Cem>Orlando brings two decades of security operations experience to advance Push’s mission of closing the browser blind spot for defenders\u003C/em>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>BOSTON — Sept. 9, 2025 — Push Security, a leader in browser-based detection and response, today announced the appointment of Mark Orlando as field chief technology officer (CTO). A lifelong defender, educator, and innovator in security operations, Orlando joins Push to help advance its mission to bring research-led detection and response to the browser — the new frontier for attackers.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>With more than 20 years of experience building and leading security operations at the Pentagon, the White House, the Department of Energy, and Fortune 500 enterprises, Orlando will help guide Push Security’s strategy as it redefines how organizations bring active security to the browser.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Everywhere I’ve worked, from government to the private sector, I’ve seen the same challenge: defenders trying to protect users where they actually work,” said Orlando. “Today, that’s the browser. It’s where attackers are targeting, and where security teams need to be. Push Security is one of the first companies I’ve seen that gets this right, and that’s why I’m here.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>In his new role, Orlando will serve as a bridge between practitioners and Push’s research-driven product innovation, ensuring that Push’s platform addresses the realities of today’s enterprise environment.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Mark embodies the defender’s mindset—he’s built teams from the ground up, taught thousands of students as a SANS instructor, and led security at the highest levels,” said Adam Bateman, CEO of Push Security. “His perspective and credibility will help us scale Push’s impact and ensure defenders can meet attackers where they are—inside the browser.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Orlando began his career as a SOC analyst and has since built and led security teams at some of the most sensitive and high-profile organizations in the world. Before joining Push, he co-founded Bionic Cyber, where he advised enterprises on building and scaling cyber defense capabilities. He also previously served as CTO of Raytheon Cyber where he defined technical strategy for consulting services, managed services, and strategic accounts worldwide.&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Orlando is currently a SANS Certified Instructor and co-author of \u003Cem>LDR551: Building and Leading Security Operations Centers\u003C/em>, and instructor for \u003Cem>SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations\u003C/em>, and he served in the U.S. Marine Corps as an Artillery Non-Commissioned Officer. His expertise has been featured at RSA, Black Hat, DefCon, and in leading publications including \u003Cem>The New York Times, The Washington Post,\u003C/em> and \u003Cem>Bloomberg. \u003C/em>He actively shares his thoughts on the current state of cybersecurity news on his \u003Ca href=\"https://markaorlando.substack.com/\" rel=\"noopener noreferrer\" target=\"_blank\">\u003Cem>Cybersecurity Leadership Weekly\u003C/em> substack\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss — all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":702},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":704,"@type":47,"tagName":83,"properties":705,"responsiveStyles":706},"builder-pixel-u3heosuv9ed",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":707},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":709},{"path":29,"query":710},{},{},1783597778405,1757414970024,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F31c88f491f384fd9bf94272012132305","3QxKrTrH6tTRxL7DYnuOQjdHTOu1",[],{"breakpoints":718,"kind":297,"hasLinks":6,"lastPreviewUrl":719,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},"https://pushsecurity.com/news/push-security-welcomes-mark-orlando-field-cto?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests%2CmergePullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=7a6162b6b88948fea751108cf7b9be94&builder.overrides.7a6162b6b88948fea751108cf7b9be94=7a6162b6b88948fea751108cf7b9be94&builder.overrides.press-pages:/news/push-security-welcomes-mark-orlando-field-cto=7a6162b6b88948fea751108cf7b9be94&builder.options.locale=Default",{"createdDate":721,"id":722,"name":723,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":724,"data":727,"variations":747,"lastUpdated":748,"firstPublished":749,"testRatio":23,"screenshot":750,"createdBy":292,"lastUpdatedBy":292,"folders":751,"meta":752,"rev":362},1754332549627,"3697d97cfe1743f69bb1bcb3d37f1d6f","PR20250806 Push Security Launches Phishing Techniques Matrix",[725],{"@type":233,"property":234,"operator":235,"value":726},"/news/pr-20250806-push-security-launches-phishing-detection-evasion-techniques-matrix",{"date":728,"seoDescription":729,"image":264,"title":730,"themeId":6,"seoTitle":730,"blocks":731,"url":726,"state":744},"Wed Aug 06 2025 09:00:00 GMT-0700 (Pacific Daylight Time)","Push Security releases new framework for phishing detection evasion methods","Push Security Launches Phishing Detection Evasion Techniques Matrix to Help Security Teams Pinpoint Detection Gaps",[732,739],{"@type":47,"@version":48,"id":733,"component":734,"responsiveStyles":737},"builder-5eabcac725d443958e7606547fdf44a3",{"name":273,"options":735,"isRSC":62},{"text":736},"\u003Cp>\u003Cem>New open source framework maps the latest generation of real-world phishing techniques, revealing how attackers bypass identity providers and evade traditional defenses \u003C/em>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>LAS VEGAS, BLACK HAT, USA&nbsp;– Aug. 6, 2025 – (Booth #2057) Push Security, a leader in browser-based detection and response, today published its Phishing Detection Evasion Techniques matrix, offering a new view into the way that modern phishing attacks function, and how they’re being used to evade classic detection controls.&nbsp;&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Modern phishing attacks are routinely bypassing traditional email and network-based phishing defenses. Attackers are using alternative delivery methods (such as IM platforms, social media, and malicious ads), camouflaging phishing links by abusing legitimate apps and services, and using bot protection, obfuscation, and runtime anti-analysis features, making them resistant to automated analysis.&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Handling phishing the same way we did 10 or 15 years ago just isn’t an option anymore,” said Jacques Louw, chief product officer at Push Security. “This resource gives defenders a clearer picture of how sophisticated attackers are actually operating in the wild — and how traditional security controls are being outmaneuvered.\"\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>The Phishing Detection Evasion Techniques matrix builds on Push Security’s earlier \u003Ca href=\"https://github.com/pushsecurity/saas-attacks\" rel=\"noopener noreferrer\" target=\"_blank\">SaaS Attacks Matrix\u003C/a>, continuing the company’s mission to help security teams visualize and counter real-world identity threats across the modern attack surface.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Key features of the matrix include:\u003C/p>\u003Cul>\u003Cli>Mapped TTPs across every phase of the phishing lifecycle, including target reconnaissance, lure crafting, link camouflage, anti-analysis, and MFA bypass.\u003C/li>\u003Cli>Real-world examples of how attackers use these techniques in the wild.\u003C/li>\u003Cli>Designed to be used and operationalized by security teams as part of phishing controls testing.\u003C/li>\u003C/ul>\u003Cp>This new framework arrives at a time when phishing attacks are becoming more targeted, evasive, and damaging, especially as enterprises shift to identity-based security models. In fact, phishing was the initial source of compromise in as many as 37% of all breaches in the \u003Ca href=\"https://www.verizon.com/business/resources/reports/dbir/\" rel=\"noopener noreferrer\" target=\"_blank\">2025 Verizon Data Breach Investigations Report\u003C/a> dataset, accounting for more than any other single access vector. It is also estimated that phishing attacks cost businesses \u003Ca href=\"https://www.ibm.com/reports/data-breach\" rel=\"noopener noreferrer\" target=\"_blank\">nearly $4.76 million per breach\u003C/a> driven largely by compromised credentials, lost productivity, incident response costs, and downstream damage to applications and data.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>The Phishing Detection Evasion Techniques Matrix is now available \u003Ca href=\"https://phishing-techniques.pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">on GitHub\u003C/a>. For more details about the matrix check out the \u003Ca href=\"https://pushsecurity.com/blog/phishing-detection-evasion-launch\" rel=\"noopener noreferrer\" target=\"_blank\">Push Security blog post\u003C/a> or visit the team this week at Black Hat USA, booth #2057.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>About Push Security\u003C/p>\u003Cp>Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss — all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":738},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":740,"@type":47,"tagName":83,"properties":741,"responsiveStyles":742},"builder-pixel-bwg6p4k7mv",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":743},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":745},{"path":29,"query":746},{},{},1778019895294,1754381649339,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F687b923187314a18a1be46231a814d15",[],{"lastPreviewUrl":753,"breakpoints":754,"kind":297,"hasLinks":6,"hasAutosaves":6},"https://pushsecurity.com/news/pr-20250806-push-security-launches-phishing-detection-evasion-techniques-matrix?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=3697d97cfe1743f69bb1bcb3d37f1d6f&builder.overrides.3697d97cfe1743f69bb1bcb3d37f1d6f=3697d97cfe1743f69bb1bcb3d37f1d6f&builder.overrides.press-pages:/news/pr-20250806-push-security-launches-phishing-detection-evasion-techniques-matrix=3697d97cfe1743f69bb1bcb3d37f1d6f&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},{"createdDate":756,"id":757,"name":758,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":759,"data":762,"variations":791,"lastUpdated":792,"firstPublished":793,"testRatio":23,"screenshot":794,"createdBy":292,"lastUpdatedBy":715,"folders":795,"meta":796,"rev":362},1747664169219,"04080f4423dd41ddb6d8ac1928ce8746","PR20250520 Push Security Launches PSAN",[760],{"@type":233,"property":234,"operator":235,"value":761},"/news/push-security-launches-psan",{"title":763,"seoDescription":764,"image":374,"date":765,"themeId":6,"seoTitle":763,"ogImage":374,"blocks":766,"url":761,"state":788},"Push Security Launches Global Partner Program to Accelerate its Channel Go-To-Market Strategy","New Push partner program enables solution providers to close the gap between identity-first security and outdated approaches","Tue May 20 2025 00:00:00 GMT-0700 (Pacific Daylight Time)",[767,774,783],{"@type":47,"@version":48,"id":768,"component":769,"responsiveStyles":772},"builder-2622461181e24244934412ab358ba538",{"name":273,"options":770,"isRSC":62},{"text":771},"\u003Cp>\u003Cem>New Push Security Advisor Network (PSAN) enables solution providers to close the gap between identity-first security and outdated approaches\u003C/em>\u003C/p>",{"large":773},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"@type":47,"@version":48,"id":775,"meta":776,"component":778,"responsiveStyles":781},"builder-50ff72b07b3940e299350eb074a17fb4",{"previousId":777},"builder-4318713d522747f69bdde0c47f2c4eb7",{"name":273,"options":779,"isRSC":62},{"text":780},"\u003Cp>\u003Cbr>\u003C/p>\u003Cp>BOSTON, Mass., May 20, 2025 – Push Security, \u003Cspan style=\"font-size: 14px;\"> a leader in browser-based detection and response\u003C/span>, today launched the Push Security Advisor Network (PSAN), its new global partner program designed to strengthen cybersecurity solution provider portfolios with the Push Security platform. With a focus on safeguarding the modern workforce from identity-driven threats, PSAN helps partners close the protection gap left by traditional on-premise security solutions.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>PSAN provides partners with access to cutting-edge security technology, a collaborative community of cybersecurity and enablement experts, and best in class incentives. The program is tailored to support partners in delivering seamless security outcomes for organizations facing the growing challenges of identity security.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Security teams need an answer to today’s sophisticated phishing and identity attacks, as well as better visibility and control over how employees use applications,” said Bryan Wallace, vice president of global partnerships at Push Security. “With the Push Security Advisor Network, we’re bringing together top-tier partners to help businesses proactively address identity-based threats, reduce risk, and strengthen their security posture.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Key benefits of the PSAN program include:\u003C/p>\u003Cul>\u003Cli>Technical enablement and training – Partners receive hands-on training and certification to maximize expertise in deploying and managing Push Security solutions.\u003C/li>\u003Cli>Sales and marketing support – Dedicated resources, co-marketing opportunities, and demand-generation campaigns to drive business growth.\u003C/li>\u003Cli>Exclusive partner incentives – Best in class margins, deal registration, and performance-based rewards to support partner profitability.\u003C/li>\u003Cli>Collaborative threat intelligence – Access to real-time threat insights and best practices to help customers stay ahead of emerging security risks.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\"With the launch of our Push Security Advisor Network, we're empowering partners to deliver stronger, more scalable human-layer security solutions to customers around the world,”&nbsp;said Kevin Arsenault, chief revenue officer at Push Security. “PSAN reflects our commitment to a partner-first, partner-only growth strategy and to helping organizations reduce risk where it matters most—at the user level.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Partners interested in the Push Security Advisor Network are invited to join a \u003Ca href=\"https://pushsecurity.com/webinar/partner\" rel=\"noopener noreferrer\" target=\"_blank\">webinar on June 11 to learn more\u003C/a>. Additional information can also be found at \u003Ca href=\"https://pushsecurity.com/partner\" rel=\"noopener noreferrer\" target=\"_blank\">Push Security Partner Program\u003C/a>.&nbsp;&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss — all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":782},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":784,"@type":47,"tagName":83,"properties":785,"responsiveStyles":786},"builder-pixel-qmm5vvw3mon",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":787},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":789},{"path":29,"query":790},{},{},1783597698668,1747665223657,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fa09745d4bff848f89cf3ca02a4c79cf4",[],{"breakpoints":797,"hasLinks":6,"lastPreviewUrl":798,"kind":297,"originalContentId":799,"winningTest":62,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},"https://pushsecurity.com/news/push-security-launches-psan?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests%2CmergePullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=04080f4423dd41ddb6d8ac1928ce8746&builder.overrides.04080f4423dd41ddb6d8ac1928ce8746=04080f4423dd41ddb6d8ac1928ce8746&builder.overrides.press-pages:/news/push-security-launches-psan=04080f4423dd41ddb6d8ac1928ce8746&builder.options.locale=Default","4831d56a62b04968a7dcaceeeb760064",{"createdDate":801,"id":799,"name":802,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":803,"data":806,"variations":836,"lastUpdated":837,"firstPublished":838,"testRatio":23,"screenshot":839,"createdBy":292,"lastUpdatedBy":25,"folders":840,"meta":841,"rev":362},1745458177519,"PR20250415 Push Security Secures Series B Funding",[804],{"@type":233,"property":234,"operator":235,"value":805},"/news/push-security-secures-30-million-series-b-funding",{"image":374,"date":807,"seoTitle":808,"title":809,"ogImage":374,"themeId":6,"seoDescription":808,"blocks":810,"url":805,"state":833},"Thu Apr 24 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","Push Security Secures $30 Million Series B Funding","Push Security Secures $30 Million Series B Funding Led by Redpoint Ventures to Fight the Rising Tide of Identity Attacks",[811,820,828],{"@type":47,"@version":48,"id":812,"meta":813,"component":815,"responsiveStyles":818},"builder-0b720a68bddb433c982aee6365e9d742",{"previousId":814},"builder-41a85805059e47199018b3e72434829c",{"name":273,"options":816,"isRSC":62},{"text":817},"\u003Cp>\u003Cem>New investors Datadog Ventures and B3 Capital join the round to propel research, product development, and global expansion\u003C/em>\u003C/p>",{"large":819},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"@type":47,"@version":48,"id":777,"meta":821,"component":823,"responsiveStyles":826},{"previousId":822},"builder-cce331854dd346bc89ad5dd8578eb084",{"name":273,"options":824,"isRSC":62},{"text":825},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>BOSTON, Mass., April 24, 2025 — Push Security, \u003Cspan style=\"font-size: 14px;\">a leader in browser-based detection and response, \u003C/span>today announced a $30 million Series B funding round led by Redpoint Ventures, with participation from Datadog Ventures and B3 Capital. This investment will accelerate Push’s growth, fueling innovation and global expansion.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>The round also saw involvement from existing investors, including Decibel and GV (Google Ventures), demonstrating strong confidence in Push Security’s mission to stop identity attacks — such as credential phishing and account takeover (ATO) using stolen credentials and tokens — a problem that has hit the industry hard, particularly in the last 12 months.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>This funding will enable Push Security to scale its platform capabilities, drive research and product development, and expand into new markets. It will also support strategic hiring to strengthen the company’s position as a leader in identity security.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push Security’s browser-based identity security platform detects and intercepts identity attacks—such as zero-day phishing, credential stuffing, and session hijacking—before they escalate. By securing identities in the browser, Push helps organizations close security gaps left by traditional identity and security solutions. The platform also identifies vulnerabilities like stolen credentials, missing MFA controls, and non-SSO identities, enabling security teams to act proactively to close identity security gaps and stop breaches before they happen.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Compromised identities are now the prized target for attackers,” said Adam Bateman, CEO of Push Security. “Stolen credentials and phishing remain the top two causes of reported breaches, and high-profile incidents—like the Snowflake breach last summer— are showing us the massive impact they can have.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“We were the first to turn employees’ existing browsers into a powerful telemetry source and control point for stopping identity attacks,” he added. “This investment will push us further with what is possible in the browser and scale our impact globally to stop identity attacks.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>With Redpoint’s expertise in scaling transformative technology companies, and Datadog’s leadership in data-driven observability, Push is poised to redefine identity security.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“In conversations with CISOs, it is clear that the new critical security perimeter is the browser,” said Erica Brescia, managing director at Redpoint Ventures. “With over 80 percent of cyber-attacks being identity-related, Push is uniquely positioned to protect organizations. We are thrilled to partner with the Push team as they execute on their mission to stop identity attacks.”&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Push recognizes that companies need to tackle identity attacks head-on by securing identities where it matters most—inside the browser,” said Bharat Sajnani, head of corporate development and ventures at Datadog. “Their research-driven approach is game-changing, and we’re excited to collaborate with them as they help organizations rethink identity security.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Since its founding, \u003Ca href=\"https://www.businesswire.com/news/home/20250122394289/en/Push-Security-Recognized-as-a-Rising-Star-for-ITDR-by-KuppingerCole-Analysts\" rel=\"noopener noreferrer\" target=\"_blank\">Push Security has been recognized\u003C/a> as an early innovator for its unique approach to detecting and responding to identity attacks. The company’s research-based approach has led to significant contributions to the space including its SaaS attack matrix, an open source repository of SaaS-native attack techniques, which is now widely used by security researchers, red and blue teams, and penetration testers around the world. This research focus is at the heart of&nbsp;Push’s threat-informed product feature development which, combined with its browser technology, is significantly more effective at stopping identity attacks earlier and with much greater accuracy&nbsp;than anything that has come before.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push Security has experienced rapid growth, serving customers across industries including technology, finance, and healthcare. In January 2025, Push’s customer base grew 380 percent year-over-year, and its platform is now deployed on more than 1.5 million endpoints globally as identity attacks and the growing recognition that these threats can be mitigated in the browser gains momentum. Additionally, the company more than doubled its employee headcount over the past year and \u003Ca href=\"https://pushsecurity.com/news/former-crowdstrike-sales-leader-joins-push-security-cro\" rel=\"noopener noreferrer\" target=\"_blank\">welcomed Chief Revenue Officer Kevin Arsenault\u003C/a>, former sales leader at CrowdStrike and Proofpoint, to its executive ranks.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Bateman also shared more of his thoughts on today’s news on the \u003Ca href=\"https://www.pushsecurity.com/blog/series-b-and-beyond\" rel=\"noopener noreferrer\" target=\"_blank\">Push Security blog\u003C/a>.&nbsp;\u003C/p>\u003Ch4>\u003Cbr>\u003C/h4>\u003Ch4>\u003Cstrong>About Push Security\u003C/strong>\u003C/h4>\u003Cp>Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss — all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":827},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":829,"@type":47,"tagName":83,"properties":830,"responsiveStyles":831},"builder-pixel-moj5szi8zi",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":832},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":834},{"path":29,"query":835},{},{},1782829048835,1745497089109,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F3902111146024c35b342bccc9de0afb3",[],{"kind":297,"lastPreviewUrl":842,"breakpoints":843,"originalContentId":844,"hasLinks":6,"winningTest":62,"hasErrors":6,"hasAutosaves":6},"https://pushsecurity.com/news/push-security-secures-30-million-series-b-funding?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=4831d56a62b04968a7dcaceeeb760064&builder.overrides.4831d56a62b04968a7dcaceeeb760064=4831d56a62b04968a7dcaceeeb760064&builder.overrides.press-pages:/news/push-security-secures-30-million-series-b-funding=4831d56a62b04968a7dcaceeeb760064&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},"19b90d05ba504dac8aa46b58f782d224",{"createdDate":846,"id":847,"name":848,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":849,"data":852,"variations":882,"lastUpdated":883,"firstPublished":884,"testRatio":23,"screenshot":885,"createdBy":292,"lastUpdatedBy":292,"folders":886,"meta":887,"rev":362},1745017138329,"fc6c5191bdb342aa970647ff26a5ecb9","PR20241203 Push Security Launches New Stolen Credentials Detection Capability",[850],{"@type":233,"property":234,"operator":235,"value":851},"/news/push-security-launches-new-stolen-credentials-detection-capability",{"image":853,"themeId":6,"title":854,"seoDescription":855,"date":856,"ogImage":853,"seoTitle":855,"blocks":857,"url":851,"state":879},"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F74357f3d2ed647e78368d7ad6fcfac7b","Push Security Transforms Threat Intelligence Analysis With New Verified Stolen Credentials Detection Capability","Push Security Launches New Stolen Credentials Detection Capability","Tue Dec 03 2024 00:00:00 GMT-0800 (Pacific Standard Time)",[858,865,874],{"@type":47,"@version":48,"id":859,"component":860,"responsiveStyles":863},"builder-787a1f4a964441958e9c59d1e2ce3e1f",{"name":273,"options":861,"isRSC":62},{"text":862},"\u003Cp>\u003Cem>New feature eliminates high false positive rates in TI data, helping security teams cut through the noise\u003C/em>\u003C/p>",{"large":864},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"@type":47,"@version":48,"id":866,"meta":867,"component":869,"responsiveStyles":872},"builder-2a486bdd0f844c4cb90e4c3017f16f50",{"previousId":868},"builder-85b54d9d32754412a9b7d4b96ca9b9e4",{"name":273,"options":870,"isRSC":62},{"text":871},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>LONDON, Dec. 3, 2024 — Push Security,\u003Cspan style=\"font-size: 14px;\">a leader in browser-based detection and response\u003C/span>, today unveiled verified stolen credentials detection capability, a new feature designed to reshape how security teams combat identity threats. By analyzing threat intelligence (TI) on stolen credentials and comparing it against active credentials in customer environments, the Push platform eliminates false positives, delivering only actionable alerts to help organizations protect compromised workforce identities.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>This paradigm shift promises to drastically reduce the noise security teams face, empowering them to act swiftly on verified threats without wading through unreliable or redundant TI data.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>A Game-Changer for Security Teams\u003C/strong>\u003C/h4>\u003Cp>Some of the general challenges that security teams face when using TI to identify stolen credentials include:\u003C/p>\u003Cul>\u003Cli>Stolen passwords may appear in intelligence as new breaches, but the data is actually a recycled combolist (aggregated list of lists) rather than a new incident.\u003C/li>\u003Cli>Infostealer threat intel can stem from a personal device that was compromised and once accessed corporate assets, but is no longer active or using that password.\u003C/li>\u003Cli>TI sources may alert on stolen credentials for a specific app following a breach, but the creds are no longer in use there; however, with password reuse being a common practice, they could still be used on a different high-value app.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\"Many TI vendors excel at collecting data from hard-to-access sources, but security teams are often overwhelmed by false positives,\" said Jacques Louw, co-founder and chief product officer at Push Security. \"With low actionable intelligence rates and recycled credentials muddying the waters, alerts are frequently ignored or feeds disabled. Our verified stolen credentials detection capability cuts through the noise, providing only verified threats that teams can act on immediately.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push Security's approach is to create fingerprints of potentially stolen passwords by salting, hashing and truncating them and then sending these fingerprints to the browser agent for comparisons. In this way no password material ever leaves the secure browser context.\u003C/p>\u003Ch4>\u003Cbr>\u003C/h4>\u003Ch4>\u003Cstrong>Why This Matters Now\u003C/strong>\u003C/h4>\u003Cp>The rise of credential-based cyberattacks has reached alarming levels in the past few years:\u003C/p>\u003Cul>\u003Cli>IBM reports a&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.ibm.com%2Freports%2Fthreat-intelligence&amp;esheet=54160151&amp;newsitemid=20241203364361&amp;lan=en-US&amp;anchor=71%25+year-over-year+increase&amp;index=1&amp;md5=da81be5dcaa84cebb1d717f792c1e578\" rel=\"noopener noreferrer\" target=\"_blank\">71% year-over-year increase\u003C/a>&nbsp;in cyberattacks leveraging stolen or compromised credentials, making them the top initial access method for cyber intrusions.\u003C/li>\u003Cli>\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fgo.recordedfuture.com%2Fhubfs%2Freports%2Fta-2024-0321.pdf&amp;esheet=54160151&amp;newsitemid=20241203364361&amp;lan=en-US&amp;anchor=Recorded+Future+observed+a+135%25+increase&amp;index=2&amp;md5=d56d3e4c0dd47863ca135d08ddb9b90b\" rel=\"noopener noreferrer\" target=\"_blank\">Recorded Future observed a 135% increase\u003C/a>&nbsp;in harvested credentials last year and a 166% spike in those bundled with cookies, enabling attackers to bypass MFA protections.\u003C/li>\u003Cli>Meanwhile, Mandiant’s last two&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fcloud.google.com%2Fsecurity%2Fresources%2Fm-trends&amp;esheet=54160151&amp;newsitemid=20241203364361&amp;lan=en-US&amp;anchor=M-Trends+reports&amp;index=3&amp;md5=ee633dfdd157b13adcb8e221c3da0949\" rel=\"noopener noreferrer\" target=\"_blank\">M-Trends reports\u003C/a>&nbsp;found that stolen creds were the third and fourth most-used initial intrusion method of the last two years.\u003C/li>\u003Cli>And, Cisco Talos researchers found that the&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fblog.talosintelligence.com%2Fcisco-talos-2023-year-in-review%2F&amp;esheet=54160151&amp;newsitemid=20241203364361&amp;lan=en-US&amp;anchor=use+of+valid+accounts&amp;index=4&amp;md5=7baab373ae4ed8f60f7603d9c1fb391a\" rel=\"noopener noreferrer\" target=\"_blank\">use of valid accounts\u003C/a>&nbsp;was the second-most common attack technique in their 2023 findings.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Despite the critical nature of this threat, security teams often face overwhelming volumes of stolen credential alerts, many of which are inaccurate, recycled, or outdated. Push Security’s verified stolen credentials detection addresses this challenge head-on.\u003C/p>\u003Ch4>\u003Cbr>\u003C/h4>\u003Ch4>\u003Cstrong>Unique Insights: Push Security Finds TI False Positive Rates at Astonishing 99.5%\u003C/strong>\u003C/h4>\u003Cp>\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fverified-stolen-credential-detection&amp;esheet=54160151&amp;newsitemid=20241203364361&amp;lan=en-US&amp;anchor=A+recent+review+of+TI+data&amp;index=5&amp;md5=b42d2e8edad2e74bfb0fff21dbed6773\" rel=\"noopener noreferrer\" target=\"_blank\">A recent review of TI data\u003C/a>&nbsp;by Push Security researchers found that less than 1% of threat intelligence in a multi-vendor dataset on stolen credentials was actionable for its customer base. In other words, more than 99% of the stolen credentials checked were false positives at the time of the review. Push researchers evaluated threat intelligence data from several popular vendors and found 5,763 username and password combinations that matched Push customer employees.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>After analyzing threat intelligence data from multiple vendors, the company found:\u003C/p>\u003Cul>\u003Cli>Out of 5,763 stolen username and password combinations matching customer domains, only&nbsp;\u003Cstrong>0.5% were still valid\u003C/strong>&nbsp;in customer environments.\u003C/li>\u003Cli>TI sources frequently flagged recycled credential lists or data from inactive accounts, diluting the actionable intelligence.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“By focusing on only true positives, Push Security’s new verified stolen credentials feature enables organizations to respond to this intelligence with confidence they aren’t chasing another dead end, upping the odds of taking action in time to prevent impact,” said Louw. “This capability is a game-changer for security teams facing an ever-growing wave of credential-based identity attacks. The Push platform ensures that teams spend their time addressing verified, actionable alerts rather than sifting through endless false positives.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“As credential theft continues to rise, this new feature complements the important work of threat intelligence vendors and provides a clear path for security teams to stay ahead of attackers and protect their organizations,\" added Louw.\u003C/p>\u003Ch4>\u003Cbr>\u003C/h4>\u003Ch4>\u003Cstrong>Availability and Integration\u003C/strong>\u003C/h4>\u003Cp>This new capability is included at no additional cost for Push Security customers and is seamlessly integrated into the existing platform, making it easier than ever to leverage powerful TI data without adding operational burden.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>For more information on Push Security and its verified stolen credentials detection feature, visit&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fverified-stolen-credential-detection&amp;esheet=54160151&amp;newsitemid=20241203364361&amp;lan=en-US&amp;anchor=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fverified-stolen-credential-detection&amp;index=6&amp;md5=0db18f05d645c6ffa65ce47f4633ea45\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com/blog/verified-stolen-credential-detection\u003C/a>.\u003C/p>\u003Ch4>\u003Cbr>\u003C/h4>\u003Ch4>\u003Cstrong>About Push Security\u003C/strong>\u003C/h4>\u003Cp>Push Security stops identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":873},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":875,"@type":47,"tagName":83,"properties":876,"responsiveStyles":877},"builder-pixel-pwby571em3a",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":878},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":880},{"path":29,"query":881},{},{},1778020302021,1745017460011,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe7d0f229dce44dc69c8a1c6ea88620e1",[],{"originalContentId":888,"breakpoints":889,"winningTest":62,"lastPreviewUrl":890,"kind":297,"hasLinks":6,"hasAutosaves":6},"cd5705801c124f03a28b91b474723a77",{"xsmall":31,"small":32,"medium":33},"https://pushsecurity.com/news/push-security-launches-new-stolen-credentials-detection-capability?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=fc6c5191bdb342aa970647ff26a5ecb9&builder.overrides.fc6c5191bdb342aa970647ff26a5ecb9=fc6c5191bdb342aa970647ff26a5ecb9&builder.overrides.press-pages:/news/push-security-launches-new-stolen-credentials-detection-capability=fc6c5191bdb342aa970647ff26a5ecb9&builder.options.locale=Default",{"createdDate":892,"id":888,"name":893,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":894,"data":897,"variations":925,"lastUpdated":926,"firstPublished":927,"testRatio":23,"screenshot":928,"createdBy":292,"lastUpdatedBy":293,"folders":929,"meta":930,"rev":362},1745016824199,"PR20241121 Former Crowdstrike Sales Leader Joins Push as CRO",[895],{"@type":233,"property":234,"operator":235,"value":896},"/news/former-crowdstrike-sales-leader-joins-push-security-cro",{"themeId":6,"seoTitle":898,"title":898,"image":450,"ogImage":450,"seoDescription":899,"date":900,"blocks":901,"url":896,"state":922},"Former CrowdStrike Sales Leader Joins Push Security as Chief Revenue Officer","Kevin Arsenault brings extensive experience in building high performance teams to the browser-based ITDR space.","Thu Nov 21 2024 00:00:00 GMT-0800 (Pacific Standard Time)",[902,909,917],{"@type":47,"@version":48,"id":903,"component":904,"responsiveStyles":907},"builder-27db37e2666f4564968f99fe7ece3480",{"name":273,"options":905,"isRSC":62},{"text":906},"\u003Cp>\u003Cem>Kevin Arsenault brings extensive experience in building high performance teams to browser-based ITDR space\u003C/em>\u003C/p>",{"large":908},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"@type":47,"@version":48,"id":868,"meta":910,"component":912,"responsiveStyles":915},{"previousId":911},"builder-bf6b0443a59c42d088b66d825dc3c0f9",{"name":273,"options":913,"isRSC":62},{"text":914},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>LONDON, Nov. 21, 2024 — Push Security, \u003Cspan style=\"font-size: 14px;\">a leader in browser-based detection and response\u003C/span>, today announced that Kevin Arsenault has joined the company as Chief Revenue Officer (CRO). Arsenault has a distinguished background and proven success at other cutting-edge cybersecurity companies, including Proofpoint, an innovative cybersecurity and compliance vendor, and endpoint detection and response (EDR) leader CrowdStrike. He brings a wealth of expertise that will support Push Security’s mission to redefine identity security by securing browser-based identity threat visibility and response.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Arsenault brings the experience of more than two decades in sales leadership to Push, most recently as CRO for Ordr, a leader in connected device security. Prior to Ordr he was part of the early sales team at CrowdStrike, which was instrumental in building strong revenue growth and helping take the company to a billion-plus valuation in its 2019 initial public offering. Continued success led to him ultimately serving as vice president of sales for North America. Before CrowdStrike, he was vice president of worldwide advanced security and information governance sales at Proofpoint, helping build the sales team and revenues in advance of a highly successful 2012 IPO which saw a 30 percent increase in share price during its debut.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“We’re incredibly excited to welcome Kevin to the Push team,” said Adam Bateman, co-founder and CEO of Push Security. “Kevin joined CrowdStrike at a time when attackers had shifted their focus from attacking the network perimeter, to attacking endpoints. At that time, security teams lacked the telemetry and visibility required to detect attacker activity at the endpoint. Now he's joining Push at a time where attackers have shifted from the endpoint to identities in the cloud. We've both lived through these big shifts in attacker tactics before, so we make the perfect team to help the industry advance.\"\u003C/p>\u003Cp>Push Security’s distinctive browser-based  approach leverages unique telemetry and in-browser response controls to identify, intercept, and shut down identity attacks as they happen. By adopting this proactive and identity-focused stance, Push Security aims to advance the detection and response space in a way that mirrors the shift seen in EDR, which was largely driven by innovations like those championed at CrowdStrike and other emerging players.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“I’m thrilled to join Push Security at such a pivotal time in the evolution of identity security,” said Arsenault. “Our approach to leveraging the browser as a telemetry source and control point is uniquely positioned to address critical gaps in identity security, particularly against sophisticated threats like adversary-in-the-middle attacks.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“This is the future of proactive identity defense, and I’m excited to bring my experience to drive the company into its next phase,” he added.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Unlike traditional tools that primarily protect at the device level, Push brings a distinct approach to detection and response, focusing on cloud and browser visibility, capturing insights into potential identity threats in a way that fundamentally addresses key vulnerabilities in modern security tools and frameworks.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“As Push Security continues to expand, the company remains committed to building a diverse and innovative team dedicated to redefining identity security for the modern enterprise,” added Bateman. “Bringing Kevin on to the team signifies a strategic commitment to our growth and leadership, as we continue our focus on protecting organizations from emerging threats to the new identity perimeter.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Arsenault has shared more reasons for joining Push Security on the company blog:&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fwhy-im-joining-push-security-the-team-redefining-itdr&amp;esheet=54156000&amp;newsitemid=20241121746989&amp;lan=en-US&amp;anchor=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fwhy-im-joining-push-security-the-team-redefining-itdr&amp;index=1&amp;md5=3a0ccc2072d95890d72847c497733c6c\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com/blog/why-im-joining-push-security-the-team-redefining-itdr\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>For more information about Push Security and open positions, visit&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.pushsecurity.com&amp;esheet=54156000&amp;newsitemid=20241121746989&amp;lan=en-US&amp;anchor=https%3A%2F%2Fpushsecurity.com&amp;index=2&amp;md5=cc5718e676c0456356e872e1fdd081bf\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>About Push Security\u003C/strong>\u003C/h4>\u003Cp>Push Security stops identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":916},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":918,"@type":47,"tagName":83,"properties":919,"responsiveStyles":920},"builder-pixel-k1umo2gobpm",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":921},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":923},{"path":29,"query":924},{},{},1782395275468,1745017133363,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ff3d2eb1d3a4749cb90c6a729fba50124",[],{"hasLinks":6,"originalContentId":931,"lastPreviewUrl":932,"winningTest":62,"kind":297,"breakpoints":933,"hasErrors":6,"hasAutosaves":6},"a3bb1ec62ef34682a686618d761f37f4","https://pushsecurity.com/news/former-crowdstrike-sales-leader-joins-push-security-cro?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests%2CmergePullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=cd5705801c124f03a28b91b474723a77&builder.overrides.cd5705801c124f03a28b91b474723a77=cd5705801c124f03a28b91b474723a77&builder.overrides.press-pages:/news/former-crowdstrike-sales-leader-joins-push-security-cro=cd5705801c124f03a28b91b474723a77&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},{"createdDate":935,"id":931,"name":936,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":937,"data":940,"variations":970,"lastUpdated":971,"firstPublished":972,"testRatio":23,"screenshot":973,"createdBy":292,"lastUpdatedBy":974,"folders":975,"meta":976,"rev":362},1745016416170,"PR20241119 New Security Alert: Cross IDP Impersonation ",[938],{"@type":233,"property":234,"operator":235,"value":939},"/news/push-security-new-security-alert-cross-idp-impersonation",{"ogImage":450,"seoDescription":941,"seoTitle":941,"image":450,"themeId":6,"title":942,"date":943,"blocks":944,"url":939,"state":967},"New Security Alert: Cross-IdP Impersonation ","New Security Alert from Push Security: Cross-IDP Impersonation Threatens SSO Security to Gain Unauthorized Access to Downstream Apps","Tue Nov 19 2024 00:00:00 GMT-0800 (Pacific Standard Time)",[945,954,962],{"@type":47,"@version":48,"id":946,"meta":947,"component":949,"responsiveStyles":952},"builder-a5c13d9a57534405bd0a7d38f2d14a88",{"previousId":948},"builder-1d2bfddaed9a4fb6840f3df35157e3b2",{"name":273,"options":950,"isRSC":62},{"text":951},"\u003Cp>\u003Cem style=\"font-size: 16px;\">Push adds Cross-IdP impersonation to the SaaS attack matrix, enabling fraudulent IdP accounts to be used\u003C/em>\u003C/p>",{"large":953},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"@type":47,"@version":48,"id":911,"meta":955,"component":957,"responsiveStyles":960},{"previousId":956},"builder-81c491477b064c92b23bca18cec21736",{"name":273,"options":958,"isRSC":62},{"text":959},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>LONDON, Nov. 19, 2024 — Security researchers at Push Security, \u003Cspan style=\"font-size: 14px;\">a leader in browser-based detection and response,\u003C/span> have identified a new technique used by attackers known as \"Cross-IdP Impersonation,\" that enables attackers to hijack the single sign-on (SSO) process to gain unauthorized access to downstream applications without compromising a company's primary identity provider (IdP). Recent high-profile vulnerabilities, including ones involving Zendesk and Google, demonstrate the increasing risk this technique poses for organizations relying on SSO for secure access to software-as-a-service (SaaS) apps.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Cross-IdP impersonation exploits a flaw in SSO configurations by allowing attackers to create fraudulent IdP accounts matching an organization’s domain, which are then used to access downstream apps via SSO. This tactic enables unauthorized access to various downstream applications, bypassing even the most secure primary IdP protections.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>Notable Examples of Cross-IdP Impersonation\u003C/strong>\u003C/h4>\u003Cp>Two recent cases have highlighted the impact of Cross-IdP impersonation. In one instance, a&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fgist.github.com%2Fhackermondev%2F68ec8ed145fcee49d2f5e2b9d2cf2e52&amp;esheet=54154704&amp;newsitemid=20241119299695&amp;lan=en-US&amp;anchor=15-year-old+researcher+abused+a+flaw+in+Zendesk&amp;index=1&amp;md5=3e245a76f52b6f21e6bd16548370751d\" rel=\"noopener noreferrer\" target=\"_blank\">15-year-old researcher abused a flaw in Zendesk\u003C/a>&nbsp;to create fraudulent Apple SSO accounts linked to hundreds of legitimate company domains. Using this newly created IdP account, the researcher could infiltrate connected apps, including Slack, exposing potentially sensitive information across multiple business applications.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>In another example,&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fkrebsonsecurity.com%2F2024%2F07%2Fcrooks-bypassed-googles-email-verification-to-create-workspace-accounts-access-3rd-party-services%2F&amp;esheet=54154704&amp;newsitemid=20241119299695&amp;lan=en-US&amp;anchor=a+now-resolved+Google+domain+verification+flaw&amp;index=2&amp;md5=20a0da7ace3250189c28c47b4db1082b\" rel=\"noopener noreferrer\" target=\"_blank\">a now-resolved Google domain verification flaw\u003C/a>&nbsp;previously enabled newly created Google Workspace accounts to authenticate via SSO without requiring domain verification, which could then be used to access login to downstream applications usually accessed with a different SSO provider.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>Security Implications and Attack Surface\u003C/strong>\u003C/h4>\u003Cp>“Cross-IdP impersonation could be likened to&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fghost-logins-when-forgotten-identities-come-back-to-haunt-you%2F&amp;esheet=54154704&amp;newsitemid=20241119299695&amp;lan=en-US&amp;anchor=ghost+logins&amp;index=3&amp;md5=2d3dd5c0ea386eed146f3c5289a6f0bc\" rel=\"noopener noreferrer\" target=\"_blank\">ghost logins\u003C/a>&nbsp;on steroids,” said Dan Green, security researcher at Push Security. “This attack method bypasses traditional security safeguards that protect main IdP accounts. It doesn’t matter how locked down your primary IdP account is if attackers can simply create a new one for your domain.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“In the examples we’ve seen in the wild, these attacks required no user interaction by exploiting configuration weaknesses in IdP and SaaS services. But the same result could be achieved through convincing social engineering scams, without needing to phish MFA factors or lure users to malicious webpages,” he continued.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security tests on the most popular applications used by Push customers revealed that 3 in 5 of the apps tested do not require re-verification by default when adding a new SSO login method, meaning that an attacker can log in with a newly registered IdP and take over the accounts on downstream applications.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>Mitigation and Security Recommendations\u003C/strong>\u003C/h4>\u003Cp>Push Security recommends that organizations take proactive steps to defend against Cross-IdP impersonation:\u003C/p>\u003Cul>\u003Cli>Set Email Alerts: Implement automated email alerts for new IdP activation emails sent to employees, providing visibility into unauthorized IdP connections to company domains.\u003C/li>\u003Cli>Restrict Account Conversion: Where configurable, prevent the conversion of personal accounts to corporate accounts within primary IdP platforms.\u003C/li>\u003Cli>Enforce Re-Verification Protocols: Where configurable, require downstream applications to enforce re-verification when adding new SSO methods. Requiring login with the original method, rather than email approval, is a more secure approach.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>A Growing Threat Landscape\u003C/strong>\u003C/h4>\u003Cp>With the success of recent attacks, both attackers and security researchers are expected to focus increasingly on Cross-IdP impersonation techniques.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“As applications typically integrate with several IdPs, the inconsistencies in authentication are creating exploitable gaps in SaaS security across applications,” said Green.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Organizations are urged to monitor and tighten SaaS and IdP configurations and prepare to detect and respond to unauthorized SSO methods being used.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Cross-IdP impersonation could be mitigated with a unified approach to SSO verification by SaaS providers by ensuring re-verification upon a new method being added, but companies must act now to protect their data, accounts, and applications.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push Security has updated its popular&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fgithub.com%2Fpushsecurity%2Fsaas-attacks&amp;esheet=54154704&amp;newsitemid=20241119299695&amp;lan=en-US&amp;anchor=SaaS+attack+matrix+resource&amp;index=4&amp;md5=bc097be7d0189d9654c7b283a03bb5b6\" rel=\"noopener noreferrer\" target=\"_blank\">SaaS attack matrix resource\u003C/a>, used by security teams to simulate and defend against SaaS and identity attacks, and has provided more details on this cross-IdP impersonation trend on the Push Security blog:&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fcross-idp-impersonation&amp;esheet=54154704&amp;newsitemid=20241119299695&amp;lan=en-US&amp;anchor=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fcross-idp-impersonation&amp;index=5&amp;md5=7761e208ec7d407deac28dd3c469e478\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com/blog/cross-idp-impersonation\u003C/a>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>About Push Security\u003C/strong>\u003C/h4>\u003Cp>Push Security stops identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":961},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":963,"@type":47,"tagName":83,"properties":964,"responsiveStyles":965},"builder-pixel-qu8fh82zvb",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":966},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":968},{"path":29,"query":969},{},{},1778249956534,1745016786985,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F471da2ab5f0447e6b87e78cb69b114eb","SfUPqW5tkibIPby49keNFMdHFTr1",[],{"winningTest":62,"breakpoints":977,"lastPreviewUrl":978,"hasLinks":6,"originalContentId":979,"kind":297,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},"https://pushsecurity.com/news/push-security-new-security-alert-cross-idp-impersonation?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests%2CmergePullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=a3bb1ec62ef34682a686618d761f37f4&builder.overrides.a3bb1ec62ef34682a686618d761f37f4=a3bb1ec62ef34682a686618d761f37f4&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default","f0db5df32b904435841922cd66c7db65",{"createdDate":981,"id":979,"name":982,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":983,"data":986,"variations":1013,"lastUpdated":1014,"firstPublished":1015,"testRatio":23,"screenshot":1016,"createdBy":292,"lastUpdatedBy":974,"folders":1017,"meta":1018,"rev":362},1745015871258,"PR20230402 Push Security Raises $15M Series A Round",[984],{"@type":233,"property":234,"operator":235,"value":985},"/news/push-security-raises-15m-series-a-round",{"image":373,"seoTitle":987,"seoDescription":987,"ogImage":373,"date":988,"themeId":6,"title":989,"blocks":990,"url":985,"state":1010},"Push Security Raises $15M Series A Round","Sun Apr 02 2023 00:00:00 GMT-0700 (Pacific Daylight Time)","Push Security Raises $15M and Launches New Visibility and Employee-Powered Tools to Help Enterprises Scale SaaS Security",[991,997,1005],{"@type":47,"@version":48,"id":948,"component":992,"responsiveStyles":995},{"name":273,"options":993,"isRSC":62},{"text":994},"\u003Cp>\u003Cem>Hundreds of teams at companies like Upvest, Inductive Automation and Sanlam use Push to significantly reduce security risks from SaaS usage\u003C/em>\u003C/p>",{"large":996},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"@type":47,"@version":48,"id":956,"meta":998,"component":1000,"responsiveStyles":1003},{"previousId":999},"builder-5b4cafb7e0bb420781648c98308e3e5f",{"name":273,"options":1001,"isRSC":62},{"text":1002},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>LONDON, April 2, 2023 — Push Security, \u003Cspan style=\"font-size: 14px;\">a leader in browser-based detection and response\u003C/span>, has raised $15M in Series A funding. GV (\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.gv.com%2F&amp;esheet=53372319&amp;newsitemid=20230331005458&amp;lan=en-US&amp;anchor=Google+Ventures&amp;index=2&amp;md5=ff527e6adb8bbb429a908b5fa3140dc9\" rel=\"noopener noreferrer\" target=\"_blank\">Google Ventures\u003C/a>) led the funding with participation from&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.decibel.vc%2F&amp;esheet=53372319&amp;newsitemid=20230331005458&amp;lan=en-US&amp;anchor=Decibel&amp;index=3&amp;md5=9c11affb682543e6d086d26caf2a2aae\" rel=\"noopener noreferrer\" target=\"_blank\">Decibel\u003C/a>&nbsp;and notable angels, including&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fdugsong%2F&amp;esheet=53372319&amp;newsitemid=20230331005458&amp;lan=en-US&amp;anchor=Dug+Song&amp;index=4&amp;md5=332409d5e9fd3057901c68d18e2df27c\" rel=\"noopener noreferrer\" target=\"_blank\">Dug Song\u003C/a>, co-founder and former CEO at Duo Security, and Tray.io co-founder and CEO&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Frichwaldron%2F&amp;esheet=53372319&amp;newsitemid=20230331005458&amp;lan=en-US&amp;anchor=Rich+Waldron&amp;index=5&amp;md5=bf810a728bee51aa4c8b215f3accdda2\" rel=\"noopener noreferrer\" target=\"_blank\">Rich Waldron\u003C/a>. GV General Partner&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fkarimfaris%2F&amp;esheet=53372319&amp;newsitemid=20230331005458&amp;lan=en-US&amp;anchor=Karim+Faris&amp;index=6&amp;md5=646bafa310c7737e87482efb8c432e2f\" rel=\"noopener noreferrer\" target=\"_blank\">Karim Faris\u003C/a>&nbsp;and&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fjonoberheide%2F&amp;esheet=53372319&amp;newsitemid=20230331005458&amp;lan=en-US&amp;anchor=Jon+Oberheide&amp;index=7&amp;md5=afec65f350fcc0ce20d1288fe681ba2c\" rel=\"noopener noreferrer\" target=\"_blank\">Jon Oberheide\u003C/a>, co-founder and former CTO of Duo Security, have joined the board.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Hundreds of teams and more than 50,000 users rely on Push Security to uncover any employee-owned SaaS deployed within the business and quickly remediate critical security vulnerabilities exposed by SaaS use. To ensure Push was scalable, able to support the smallest to the largest organizations, and that the product could provide a fully self-service purchasing and onboarding process, the company was focused on strong UX and building the right features after launching in July 2022. Now that the company can focus on commercial success, Push has seen a 14X increase in revenue in the first quarter of 2023.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>According to Push’s data, unchecked SaaS usage has increased significantly in the past year, leading to growing costs and security risks for enterprises:\u003C/p>\u003Cul>\u003Cli>Since its launch last year in July 2022, Push has added nearly 500 SaaS apps.\u003C/li>\u003Cli>41 percent of Microsoft 365 and 55 percent of Google Workspace app integrations were only used by a single employee.\u003C/li>\u003Cli>23 percent of Microsoft integrations and 17 percent of Google integrations granted access to high risk assets and data such as email, calendar, and shared drives.\u003C/li>\u003Cli>Only one-third of Microsoft app integrations were approved by IT via OAuth. The other two thirds were provisioned directly by employees with no IT oversight or visibility.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\"As security professionals, we're facing a significant increase in SaaS risk and as a result, rethinking how we approach company security,\" said Adam Bateman, Push Security’s co-founder and CEO. \"An explosion in SaaS adoption, coupled with a big push to self-service platforms driven by product-led growth (PLG), means employees increasingly sign up and buy SaaS directly without going through the security team first. This creates an unwieldy sprawl of SaaS applications being introduced to the business with no corporate oversight. Security teams have to play catch-up to ensure these apps aren’t exposing their businesses to undue security risks or invalidating their security compliance.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Today Push Security is launching a host of new features to help security teams take control of their SaaS portfolio:\u003C/p>\u003Cul>\u003Cli>\u003Cstrong>The Industry's First and Only Browser-Based SaaS Account Discovery Tool.&nbsp;\u003C/strong>Because it is the only platform to operate in the browser, Push enables a deeper, more complete assessment of user accounts employees have created that could be vulnerable to password guessing, credential stuffing, have been exposed as part of a prior breach, or are missing important security controls such as MFA.\u003C/li>\u003Cli>\u003Cstrong>Just-in-Time Notifications Empowering User-Led Compliance.&nbsp;\u003C/strong>Alerts are\u003Cstrong>&nbsp;\u003C/strong>directed to security teams and employees through Slack and Microsoft Teams instant notifications to prevent employees from creating security issues, such as prevention of password re-use or weak passwords. With one click, employees can take action to secure their accounts.\u003C/li>\u003Cli>\u003Cstrong>Managed Browser Extension Deployment.&nbsp;\u003C/strong>Push can be installed via managed Chrome, Group Policy (Microsoft Active Directory), or Mobile Device Management (MDM) to every employee browser to ensure complete coverage.\u003C/li>\u003Cli>\u003Cstrong>Detection of Risky Third-Party Integrations.\u003C/strong>&nbsp;A new dashboard allows security teams to see all SaaS integrations\u003Cem>&nbsp;\u003C/em>connected to core platforms (Google Workspace and Microsoft 365), with warnings if those integrations are doing anything suspicious or malicious, or asking for excessive or risky permissions.\u003C/li>\u003Cli>\u003Cstrong>ChatOps Messaging for Security Teams&nbsp;\u003C/strong>- Now Push administrators can receive notifications in Microsoft Teams or Slack channels to get alerted immediately when a new third-party integration is detected or a user contacted via ChatOps confirms that a mail rule looks suspicious.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\"The threat landscape has shifted dramatically, as organizational IT resources have evolved from centrally-managed and hosted applications to team- or employee-managed cloud hosted SaaS with deep interdependencies (via integrations),\" shares Sebastien Jeanquier, Chief Security Officer at fintech company Upvest. \"Push allows us to gain deep insights into the usage of SaaS across our organization, including integrations that could pose a risk to company data, but also automate the remediation of these at scale by involving the internal users of SaaS application directly in the assessment and decision making.\"\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“The global workforce is moving toward greater freedom and flexibility with SaaS applications, which introduces new security complexities and challenges,” says Karim Faris, General Partner at GV. “That trend presents a critical need for better, simpler tools that engage employees and take the burden off centralized IT to manage SaaS sprawl. GV is excited to partner with the Push team as they help modern security teams navigate the evolving cybersecurity threat landscape.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push is free to try and free to use for up to 10 users.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Visit&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fpushsecurity.com%2F%3Futm_source%3Dbusiness-wire%26utm_medium%3Dpress-release%26utm_campaign%3Dseries-a&amp;esheet=53372319&amp;newsitemid=20230331005458&amp;lan=en-US&amp;anchor=https%3A%2F%2Fpushsecurity.com%2F&amp;index=8&amp;md5=7804c8833580dc30d17b4d70e3574f25\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com/\u003C/a>&nbsp;to sign up and start your trial.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>About Push Security\u003C/strong>\u003C/h4>\u003Cp>Push Security stops identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",{"large":1004},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":1006,"@type":47,"tagName":83,"properties":1007,"responsiveStyles":1008},"builder-pixel-cjesit3kb97",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":1009},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":1011},{"path":29,"query":1012},{},{},1778249926427,1745016403288,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb12c83e44a634eaeb9d554d5b00f09b8",[],{"originalContentId":1019,"kind":297,"winningTest":62,"breakpoints":1020,"lastPreviewUrl":1021,"hasLinks":6,"hasAutosaves":6},"ab716a918d7a4962a6edbad4dcae366b",{"xsmall":31,"small":32,"medium":33},"https://pushsecurity.com/news/push-security-raises-15m-series-a-round?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests%2CmergePullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=f0db5df32b904435841922cd66c7db65&builder.overrides.f0db5df32b904435841922cd66c7db65=f0db5df32b904435841922cd66c7db65&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"createdDate":1023,"id":1019,"name":1024,"modelId":257,"published":13,"stageModifiedSincePublish":6,"query":1025,"data":1028,"variations":1055,"lastUpdated":1056,"firstPublished":1057,"testRatio":23,"screenshot":1058,"createdBy":292,"lastUpdatedBy":974,"folders":1059,"meta":1060,"rev":362},1745015065401,"PR20220719 Push Security Announces $4M Seed Round",[1026],{"@type":233,"property":234,"operator":235,"value":1027},"/news/push-security-announces-4m-seed-round",{"ogImage":374,"seoDescription":1029,"seoTitle":1029,"image":374,"date":1030,"themeId":6,"title":1031,"blocks":1032,"url":1027,"state":1052},"Push Security Announces $4M Seed Round","Tue Jul 19 2022 00:00:00 GMT-0700 (Pacific Daylight Time)","Push Security Announces $4M Seed Round to Introduce User-Centric Approach to Securing SaaS",[1033,1040,1047],{"@type":47,"@version":48,"id":1034,"component":1035,"responsiveStyles":1038},"builder-6cba38f8ebe3464a8a424c633d1e59a0",{"name":273,"options":1036,"isRSC":62},{"text":1037},"\u003Cp>\u003Cem>Push Security announces it completed a $4 million seed round led by Decibel and backed by prominent industry leaders, including Jon Oberheide and Haroon Meer. With this funding, Push will continue to develop technology that equips employees to secure SaaS.\u003C/em>\u003C/p>",{"large":1039},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"@type":47,"@version":48,"id":999,"meta":1041,"component":1042,"responsiveStyles":1045},{"previousId":822},{"name":273,"options":1043,"isRSC":62},{"text":1044},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>LONDON, July 19, 2022 — Push Security,\u003Cspan style=\"font-size: 14px;\">a leader in browser-based detection and response\u003C/span>, today announced it completed a $4 million seed round led by&nbsp;\u003Ca href=\"http://decibel.vc/\" rel=\"noopener noreferrer\" target=\"_blank\">Decibel\u003C/a>&nbsp;and backed by&nbsp;\u003Ca href=\"https://pushsecurity.com/about/\" rel=\"noopener noreferrer\" target=\"_blank\">prominent industry leaders\u003C/a>, including Jon Oberheide, co-founder of Duo Security, and Haroon Meer, CEO and founder of Thinkst. With this funding, Push will continue to develop technology that guides employees to make smart decisions while they are using company SaaS platforms, enlisting their help to improve security.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>In a cloud-first world, employees are moving fast and adopting SaaS platforms to get things done. Most organizations have hundreds of SaaS apps in use in their environment and the majority of those apps are owned by employees rather than IT or security. SaaS makes productivity gains and technical innovation accessible for companies of all sizes, but it also introduces risk to the business unless it’s properly managed. Without a way to ensure employees are using SaaS securely, many organizations resort to try to control SaaS with highly restrictive policies, which is frustrating for both employees and security teams.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push believes that the best way to support this move toward productivity and flexibility is to adopt a user-centric approach — to equip employees to improve their own security while using SaaS.&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“The world of work is shifting in a big way,” said Adam Bateman, Push co-founder and CEO. “Employees want flexibility and they need the right tools to be productive, but those tools aren’t always company-approved. So, they’re signing up for those tools on their own. Security teams want to assert some control over this because SaaS apps introduce risk to their company, so they often try to simply lock down SaaS. However, in the long run this just encourages employees to work around the security team. You can’t secure SaaS that’s owned by employees without working with employees. We’ve built a lightweight, scalable way to let employees use SaaS responsibly, guiding them to actually fix security issues, while offloading work from security teams. We’ll prove along the way that employees don’t need to just be seen as part of the problem, but can actually become part of the solution.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“The future of cyber resilience in a SaaS-first world needs cloud-scale solutions designed for the user,” added Ollie Whitehouse, angel investor and CTO at NCC Group. “Push has delivered a solution that has unlimited potential to provide value to all organizations in such a world.”&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Jon Sakoda, Push investor and founder of Decibel, invested in Push’s vision for the future and scalable approach to a really difficult problem. “The Push team has set out to help organizations of every size safely adopt SaaS,” said Jon. “The co-founders have deep security experience as researchers and red teamers, and they’re applying that knowledge to an exponentially growing problem that no one else has been able to solve. I can’t wait to see what the Push team will do to apply user-centric security to finally help organizations progress beyond traditional security solutions that have not been able to keep up with the pace of modern IT.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Push is connecting the dots between users and their SaaS applications, allowing them to use the apps they love while keeping their organization secure,” added Jon Oberheide, angel investor, co-founder and former CTO of Duo Security (acquired by Cisco).&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push is free to try and free to use for up to 10 users. Visit&nbsp;\u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">pushsecurity.com\u003C/a>&nbsp;to sign up and start your trial.&nbsp;&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push provides a super scalable way to secure SaaS, by equipping employees to join the fight against attackers and improve their own security. We monitor employee SaaS activity and then (using tools such as ChatOps and a browser extension) provide them with just-in-time guidance to help them make good security decisions about how they use and access SaaS. Push is backed by Decibel Partners. See Push in action at&nbsp;\u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">pushsecurity.com\u003C/a>&nbsp;and follow them on at&nbsp;\u003Ca href=\"https://twitter.com/PushSecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@PushSecurity\u003C/a>.&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cstrong>About Decibel\u003C/strong>\u003C/p>\u003Cp>\u003Ca href=\"http://decibel.vc/\" rel=\"noopener noreferrer\" target=\"_blank\">Decibel\u003C/a>&nbsp;is an independent venture firm, based in Silicon Valley that backs technical founders and helps them find product-market fit and accelerate their business. Decibel invests in early-stage enterprise software companies, with a special focus on Cybersecurity, Developer Platforms, Open Source, and ML and AI Infrastructure and Applications\u003C/p>",{"large":1046},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"lineHeight":278,"height":279},{"id":1048,"@type":47,"tagName":83,"properties":1049,"responsiveStyles":1050},"builder-pixel-1v635zlbj09",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},{"large":1051},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},{"deviceSize":94,"location":1053},{"path":29,"query":1054},{},{},1778249885286,1745015850859,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F9e5c7c6cc5ee4c1b9fe2d957a6f723e1",[],{"breakpoints":1061,"lastPreviewUrl":1062,"winningTest":62,"hasLinks":6,"kind":297,"originalContentId":844,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},"https://pushsecurity.com/news/push-security-announces-4m-seed-round?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests%2CmergePullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=ab716a918d7a4962a6edbad4dcae366b&builder.overrides.ab716a918d7a4962a6edbad4dcae366b=ab716a918d7a4962a6edbad4dcae366b&builder.options.locale=Default",[1064,1082,1097,1113,1128,1143,1159,1173,1189,1204,1219,1235,1251,1266,1282,1298,1314,1329,1345,1361,1376,1392,1407,1422,1437,1452,1467,1483,1499,1514,1530,1546,1561,1577,1592,1607,1622,1635,1651,1666,1680,1696,1712,1727,1743,1759,1774,1789,1805,1821,1837,1851,1865,1881,1896,1911,1926,1940,1954,1970,1985,1999,2013,2028,2043,2058,2072,2086,2100,2115,2130,2146,2161,2176,2192,2206,2220,2235,2250,2265,2280,2295,2311,2325,2340,2355,2370,2385,2400,2414,2429,2443,2458,2473,2489,2505,2521,2537,2553,2568],{"createdDate":1065,"id":1066,"name":1067,"modelId":1068,"published":13,"stageModifiedSincePublish":6,"query":1069,"data":1070,"variations":1075,"lastUpdated":1076,"firstPublished":1077,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1078,"meta":1079,"rev":1081},1782774705248,"54b7d1f8e632407994e6c1fd181f6f49","THN Poisoned Tenant covg ","ca2059e5bce743f09d4bf2482c4305fb",[],{"title":1071,"image":1072,"date":1073,"url":1074},"Fake OpenAI organization invites used in new poisoned tenant campaign","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F98cb9bc215834c0e8b3e343b30460d74","Mon Jun 29 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://thehackernews.com/2026/06/weekly-recap-linux-kernel-flaws-ai.html",{},1782774830648,1782774781599,[],{"kind":28,"hasErrors":6,"lastPreviewUrl":29,"breakpoints":1080,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},"n9bpkxycd3",{"createdDate":1083,"id":1084,"name":1085,"modelId":1068,"published":13,"stageModifiedSincePublish":6,"query":1086,"data":1087,"variations":1091,"lastUpdated":1092,"firstPublished":1093,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1094,"meta":1095,"rev":1081},1782774636385,"333d23a8b5864130a3ad5b80306f9a79","SC Mag poisoned Tenant covg 6.29.26",[],{"url":1088,"date":1073,"title":1089,"image":1090},"https://www.scworld.com/brief/attackers-create-fake-openai-tenants-to-steal-company-data","Attackers create deceptive OpenAI tenants to steal company data","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0498e750b1a1418ca4949b1b33633f77",{},1782774697847,1782774697833,[],{"breakpoints":1096,"kind":28,"hasErrors":6,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1098,"id":1099,"name":1100,"modelId":1068,"published":13,"stageModifiedSincePublish":6,"query":1101,"data":1102,"variations":1107,"lastUpdated":1108,"firstPublished":1109,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1110,"meta":1111,"rev":1081},1782502193958,"92d7a7a94d8e40b2b02fa88d63a827c4","BleepingComputer Poisoned Tenant covg 6.26.26",[],{"title":1103,"date":1104,"url":1105,"image":1106},"Cybersecurity firms targeted by fraudulent OpenAI organization invites","Fri Jun 26 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.bleepingcomputer.com/news/security/cybersecurity-firms-targeted-by-fraudulent-openai-organization-invites/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F1a17b9cee2c840af84f235ba22b192bb",{},1782502341355,1782502341343,[],{"breakpoints":1112,"kind":28,"hasErrors":6,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1114,"id":1115,"name":1116,"modelId":1068,"published":13,"stageModifiedSincePublish":6,"query":1117,"data":1118,"variations":1122,"lastUpdated":1123,"firstPublished":1124,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1125,"meta":1126,"rev":1081},1780442008734,"5257ad3f60b94bd8882f5b9f3cc79bff","Dark Reading covg device code phishing 6.2.26",[],{"url":1119,"title":1120,"date":413,"image":1121},"https://www.darkreading.com/cyber-risk/fbi-flagged-phishing-kit-kali365-expands-its-reach","FBI-Flagged Phishing Kit Kali365 Expands Its Reach","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F25408c4041974c37a678de30a4aee67a",{},1780605200856,1780442083301,[],{"lastPreviewUrl":29,"hasErrors":6,"kind":28,"breakpoints":1127,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1129,"id":1130,"name":1131,"modelId":1068,"published":13,"stageModifiedSincePublish":6,"query":1132,"data":1133,"variations":1137,"lastUpdated":1138,"firstPublished":1139,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1140,"meta":1141,"rev":1081},1780418319334,"3505c4cf00724d4ebff24335a7aa3ed0","Bleeping Computer AI frontline covg 6.2.26",[],{"date":413,"url":1134,"title":1135,"image":1136},"https://www.bleepingcomputer.com/news/security/why-the-browser-is-now-the-front-line-for-ai-security/","Why the browser is now the front line for AI security","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8dee0aff2c0f427bbdcb03a1f45f822b",{},1780440142089,1780418380203,[],{"breakpoints":1142,"lastPreviewUrl":29,"kind":28,"hasErrors":6,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1144,"id":1145,"name":1146,"modelId":1068,"published":13,"stageModifiedSincePublish":6,"query":1147,"data":1148,"variations":1153,"lastUpdated":1154,"firstPublished":1155,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1156,"meta":1157,"rev":1081},1780356015143,"91ac43d810f34268a3ea3586a40871ca","Infosecurity LLMShare covg 6.1.26",[],{"url":1149,"date":1150,"title":1151,"image":1152},"https://www.infosecurity-magazine.com/news/attackers-shared-content-chatgpt/","Mon Jun 01 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","Attackers abuse shared content for ChatGPT phishing campaign","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0b77c0e8bf1c48b09929ffdd949254a5",{},1780356152948,1780356152944,[],{"breakpoints":1158,"kind":28,"hasErrors":6,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1160,"id":1161,"name":1162,"modelId":1068,"published":13,"stageModifiedSincePublish":6,"query":1163,"data":1164,"variations":1167,"lastUpdated":1168,"firstPublished":1169,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1170,"meta":1171,"rev":1081},1780355373072,"0160a50021644757ac707960f443ee1d","SC Mag LLMShare covg 6.1.26",[],{"image":1090,"date":1150,"title":1165,"url":1166},"Attackers use ChatGPT feature to spread malware","https://www.scworld.com/brief/attackers-use-chatgpt-feature-to-spread-malware",{},1780413264409,1780355416404,[],{"hasErrors":6,"breakpoints":1172,"lastPreviewUrl":29,"kind":28,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1174,"id":1175,"name":1176,"modelId":1068,"published":13,"stageModifiedSincePublish":6,"query":1177,"data":1178,"variations":1183,"lastUpdated":1184,"firstPublished":1185,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1186,"meta":1187,"rev":1081},1780273531627,"96375ef4891845b68877f704cd6f071b","Decoder LLMShare covg 5.3.26",[],{"title":1179,"url":1180,"date":1181,"image":1182},"Attackers abuse shared ChatGPT and Claude chats to spread malware","https://the-decoder.com/attackers-abuse-shared-chatgpt-and-claude-chats-to-spread-malware/","Sat May 30 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F73336902df0440ca8a3646e008faa2d2",{},1780273598066,1780273598062,[],{"breakpoints":1188,"kind":28,"hasErrors":6,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1190,"id":1191,"name":1192,"modelId":1068,"published":13,"stageModifiedSincePublish":6,"query":1193,"data":1194,"variations":1198,"lastUpdated":1199,"firstPublished":1200,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1201,"meta":1202,"rev":1081},1780273177044,"0c05ca29a7134705b7be4cba25887258","CyberNews LLMShare covg 5.30.26",[],{"title":1195,"date":1181,"url":1196,"image":1197},"Hackers abuse ChatGPT's content-sharing feature to spread malware","https://cybernews.com/cybercrime/hackers-turn-chatgpt-into-a-malware-delivery-platform/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F44ac88a25a894b3fb036507e758d2de2",{},1780273361617,1780273361613,[],{"breakpoints":1203,"kind":28,"hasErrors":6,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1205,"id":1206,"name":1207,"modelId":1068,"published":13,"stageModifiedSincePublish":6,"query":1208,"data":1209,"variations":1213,"lastUpdated":1214,"firstPublished":1215,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1216,"meta":1217,"rev":1081},1780080449524,"48bd763ee4d244f69ad2e9ead93ccc4b","Bleeping Computer LLMShare covg 5.29.26",[],{"title":1210,"date":1211,"url":1212,"image":1136},"ChatGPT share links abused to host fake outage pages to deliver malware","Fri May 29 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.bleepingcomputer.com/news/security/chatgpt-share-links-abused-to-host-fake-outage-pages-to-deliver-malware/",{},1780080680164,1780080680159,[],{"breakpoints":1218,"kind":28,"hasErrors":6,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1220,"id":1221,"name":1222,"modelId":1068,"published":13,"stageModifiedSincePublish":6,"query":1223,"data":1224,"variations":1229,"lastUpdated":1230,"firstPublished":1231,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1232,"meta":1233,"rev":1081},1779118298832,"19b5499d22674f8192ebc4f9338b34f9","Bleeping Computer Tycoon2FA covg 5.17.26",[],{"title":1225,"date":1226,"url":1227,"image":1228},"Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing","Sun May 17 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.bleepingcomputer.com/news/security/tycoon2fa-hijacks-microsoft-365-accounts-via-device-code-phishing/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F36bf8a57288a46249bd63de631f5f7ba",{},1779118359222,1779118359218,[],{"breakpoints":1234,"kind":28,"hasErrors":6,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1236,"id":1237,"name":1238,"modelId":1068,"published":13,"stageModifiedSincePublish":6,"query":1239,"data":1240,"variations":1245,"lastUpdated":1246,"firstPublished":1247,"testRatio":23,"createdBy":25,"lastUpdatedBy":292,"folders":1248,"meta":1249,"rev":1081},1778001364376,"b508bfbe9ccc4b97b4021c72366d1fcb","Bleeping Computer ConsentFix v3",[],{"date":1241,"image":1242,"title":1243,"url":1244},"Sat May 02 2026 08:00:00 GMT-0700 (Pacific Daylight Time)","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F10b0cc703db24b65a40c389e0c0be2da","ConsentFix v3 attacks target Azure with automated OAuth abuse","https://www.bleepingcomputer.com/news/security/consentfix-v3-attacks-target-azure-with-automated-oauth-abuse/",{},1778002782201,1778001411323,[],{"lastPreviewUrl":29,"kind":28,"breakpoints":1250,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1252,"id":1253,"name":1254,"modelId":1068,"published":13,"stageModifiedSincePublish":6,"query":1255,"data":1256,"variations":1260,"lastUpdated":1261,"firstPublished":1262,"testRatio":23,"createdBy":25,"lastUpdatedBy":25,"folders":1263,"meta":1264,"rev":1081},1778001289476,"7ed8bc6ece6140f2bce92e069f7e6a29","Bleeping Computer Vercel Breach",[],{"url":1257,"title":1258,"date":1259,"image":1228},"https://www.bleepingcomputer.com/news/security/learning-from-the-vercel-breach-shadow-ai-and-oauth-sprawl/","Learning from the Vercel breach","Wed Apr 29 2026 16:00:00 GMT+0100 (British Summer Time)",{},1778001358218,1778001358206,[],{"breakpoints":1265,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1267,"id":1268,"name":1269,"modelId":1068,"published":13,"stageModifiedSincePublish":6,"query":1270,"data":1271,"variations":1276,"lastUpdated":1277,"firstPublished":1278,"testRatio":23,"createdBy":25,"lastUpdatedBy":25,"folders":1279,"meta":1280,"rev":1081},1775659739316,"fea39700a5504424835fd0b917aea9d4","Guidepoint security contributed article April 2026",[],{"url":1272,"title":1273,"date":1274,"image":1275},"https://www.guidepointsecurity.com/blog/how-the-browser-became-the-battleground/","How the Browser became the Battleground","Wed Apr 08 2026 13:00:00 GMT+0100 (British Summer Time)","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F924a2a6c847445c087df21caf48cddd7",{},1775659893019,1775659893007,[],{"breakpoints":1281,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1283,"id":1284,"name":1285,"modelId":1068,"published":13,"query":1286,"data":1287,"variations":1292,"lastUpdated":1293,"firstPublished":1294,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1295,"meta":1296,"rev":1081},1775580238148,"6aa111e4d7ad4c4cb46cc7b031abaa3a","Business of Cybersec podcast Adam interview 3.18.26",[],{"title":1288,"date":1289,"url":1290,"image":1291},"AI, social engineering, and the new browser attack surface","Wed Mar 18 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://techtalksnetwork.com/podcast/the-business-of-cybersecurity/episode/ai-social-engineering-and-the-new-browser-attack-surface","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fbad9fab6263a4588abf95c5b7da33e3f",{},1775580306630,1775580306619,[],{"breakpoints":1297,"kind":28,"lastPreviewUrl":29,"hasAutosaves":34},{"xsmall":31,"small":32,"medium":33},{"createdDate":1299,"id":1300,"name":1301,"modelId":1068,"published":13,"query":1302,"data":1303,"variations":1308,"lastUpdated":1309,"firstPublished":1310,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1311,"meta":1312,"rev":1081},1775580001183,"ebd19ed36c8546b9ad41a5f493b6b838","SC Mag DC phish covg 4.6.26",[],{"title":1304,"date":1305,"url":1306,"image":1307},"Upswell of device code phishing intrusions reported","Mon Apr 06 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.scworld.com/brief/upswell-of-device-code-phishing-intrusions-reported","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F3961bae259a14deda7c17ee5c36dda80",{},1775580047341,1775580047331,[],{"breakpoints":1313,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1315,"id":1316,"name":1317,"modelId":1068,"published":13,"query":1318,"data":1319,"variations":1323,"lastUpdated":1324,"firstPublished":1325,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1326,"meta":1327,"rev":1081},1775579878497,"244a8542780b42e4ae14f313a6fa071f","THN DC phish covg 4.6.26",[],{"title":1320,"date":1305,"url":1321,"image":1322},"Device code phishing attacks surge","https://thehackernews.com/2026/04/weekly-recap-axios-hack-chrome-0-day.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fcfa4b6f78f88473d95998eeeaa9c0d6e",{},1775579951350,1775579951336,[],{"breakpoints":1328,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1330,"id":1331,"name":1332,"modelId":1068,"published":13,"query":1333,"data":1334,"variations":1339,"lastUpdated":1340,"firstPublished":1341,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1342,"meta":1343,"rev":1081},1775579447512,"88ed40a0e8b641769c063a38387d5a2b","Yahoo Tech Adam RSA interview 3.31.26",[],{"date":1335,"title":1336,"url":1337,"image":1338},"Tue Mar 31 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","Browser Safety: Push Security co-founder & CEO Adam Bateman, live at RSAC 2026","https://tech.yahoo.com/cybersecurity/articles/browser-safety-push-security-co-214934406.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F25af3b782e6840e8b6088048b3eeac99",{},1775579615034,1775579615022,[],{"breakpoints":1344,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1346,"id":1347,"name":1348,"modelId":1068,"published":13,"query":1349,"data":1350,"variations":1355,"lastUpdated":1356,"firstPublished":1357,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1358,"meta":1359,"rev":1081},1775579307973,"cf1b63fc301844a285b5a29fed002ff4","HelpNet InstallFix covg 4.3.26",[],{"url":1351,"title":1352,"date":1353,"image":1354},"https://www.helpnetsecurity.com/2026/04/03/claude-code-leak-github-malware/","Claude Code source leak exploited to spread malware","Fri Apr 03 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ff2a1562ab33b405da5c5fb30ed0b99ab",{},1775579397143,1775579397129,[],{"breakpoints":1360,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1362,"id":1363,"name":1364,"modelId":1068,"published":13,"query":1365,"data":1366,"variations":1370,"lastUpdated":1371,"firstPublished":1372,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1373,"meta":1374,"rev":1081},1775578991590,"a306ed3522da4d01894877d809a0225f","Bleeping Computer Device Code phish covg 4.4.26",[],{"date":1367,"url":1368,"title":1369,"image":1242},"Sat Apr 04 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.bleepingcomputer.com/news/security/device-code-phishing-attacks-surge-37x-as-new-kits-spread-online/","Device code phishing attacks surge 37x as new kits spread online",{},1775579294329,1775579294325,[],{"breakpoints":1375,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1377,"id":1378,"name":1379,"modelId":1068,"published":13,"query":1380,"data":1381,"variations":1386,"lastUpdated":1387,"firstPublished":1388,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1389,"meta":1390,"rev":1081},1774629528985,"b41eb0bf96174382b15dad4a6adcdf42","InfoSecurity Mag TikTok covg 3.27.26",[],{"title":1382,"date":1383,"url":1384,"image":1385},"New wave of AiTM phishing targets TikTok for business","Fri Mar 27 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.infosecurity-magazine.com/news/phishing-targets-tiktok-for/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fff168f680e5e4852ad3f77611b605c32",{},1774629675368,1774629675354,[],{"breakpoints":1391,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1393,"id":1394,"name":1395,"modelId":1068,"published":13,"query":1396,"data":1397,"variations":1401,"lastUpdated":1402,"firstPublished":1403,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1404,"meta":1405,"rev":1081},1774625734871,"d47e667ea367454988353ac552c95afe","Computing UK TikTok covg 3.27.26",[],{"title":1398,"url":1399,"date":1383,"image":1400},"New campaign targets TikTok for Business accounts","https://www.computing.co.uk/news/2026/security/new-campaign-targets-tiktok-for-business-accounts","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe8b3a4c9b06c41a693a0c38b987e4744",{},1774625782369,1774625782358,[],{"breakpoints":1406,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1408,"id":1409,"name":1410,"modelId":1068,"published":13,"query":1411,"data":1412,"variations":1416,"lastUpdated":1417,"firstPublished":1418,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1419,"meta":1420,"rev":1081},1774625603188,"14ccbc9ab52542a095616b3e87a9f9a3","TechRadar TikTok covg 3.27.26",[],{"title":1413,"date":1383,"url":1414,"image":1415},"TikTok for Business accounts targeted in phishing campaign — here's how to stay safe","https://www.techradar.com/pro/security/tiktok-for-business-accounts-targeted-in-phishing-campaign-heres-how-to-stay-safe","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F909130da6ba14441af017c0f5f2678aa",{},1774625699755,1774625699741,[],{"breakpoints":1421,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1423,"id":1424,"name":1425,"modelId":1068,"published":13,"query":1426,"data":1427,"variations":1431,"lastUpdated":1432,"firstPublished":1433,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1434,"meta":1435,"rev":1081},1774625333190,"585328d31d5a4471a39d1d93e021ad42","Cybernews TikTok covg 3.27.26",[],{"title":1428,"date":1383,"url":1429,"image":1430},"Hackers are hijacking TikTok business accounts to steal credentials in real time","https://cybernews.com/security/tiktok-business-phishing-attack-bypass-2fa/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F27ee6ff74c1641c1bc95ae51a54e0eb2",{},1774625583188,1774625583175,[],{"breakpoints":1436,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1438,"id":1439,"name":1440,"modelId":1068,"published":13,"query":1441,"data":1442,"variations":1446,"lastUpdated":1447,"firstPublished":1448,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1449,"meta":1450,"rev":1081},1774625224658,"be2a2b16bf2941a5a16eaf23ad785eb2","Hacker News TikTok covg 3.27.26",[],{"title":1443,"date":1383,"url":1444,"image":1445},"AitM phishing targets TikTok business accounts using Cloudflare turnstile evasion","https://thehackernews.com/2026/03/aitm-phishing-targets-tiktok-business.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F369a4cc0510e4af289abde629590367c",{},1774625313323,1774625313311,[],{"breakpoints":1451,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1453,"id":1454,"name":1455,"modelId":1068,"published":13,"query":1456,"data":1457,"variations":1461,"lastUpdated":1462,"firstPublished":1463,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1464,"meta":1465,"rev":1081},1774539180417,"ac12e069cffb43a68058b63ef5f8aef3","Bleeping Computer TikTok covg 3.26.26",[],{"title":1458,"date":1459,"url":1460,"image":1242},"TikTok for Business accounts targeted in new phishing campaign","Thu Mar 26 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.bleepingcomputer.com/news/security/tiktok-for-business-accounts-targeted-in-new-phishing-campaign/",{},1774539236707,1774539236692,[],{"breakpoints":1466,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1468,"id":1469,"name":1470,"modelId":1068,"published":13,"query":1471,"data":1472,"variations":1477,"lastUpdated":1478,"firstPublished":1479,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1480,"meta":1481,"rev":1081},1773940048647,"a201d8a73f42410186b3d509b6f0c3be","CSO phishing trends covg 3.19.26",[],{"title":1473,"date":1474,"url":1475,"image":1476},"Your MFA isn’t broken — it’s being bypassed, and your employees can’t tell the difference","Thu Mar 19 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.csoonline.com/article/4147134/your-mfa-isnt-broken-its-being-bypassed-and-your-employees-cant-tell-the-difference.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8f41132730d44daebae0d832445c55ec",{},1773940204199,1773940204183,[],{"breakpoints":1482,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1484,"id":1485,"name":1486,"modelId":1068,"published":13,"query":1487,"data":1488,"variations":1493,"lastUpdated":1494,"firstPublished":1495,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1496,"meta":1497,"rev":1081},1773703638835,"2e23cd577f054aa4940beb0f220359e4","Mandos InstallFix covg 3.15.26",[],{"title":1489,"date":1490,"url":1491,"image":1492},"Brief #146: InstallFix targets Claude code users","Sun Mar 15 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://mandos.io/newsletter/brief-146-installfix-targets-claude-code-users-crackarmor-hits-12-6m-linux-servers-armadin-launches-with-190m/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fbc4a6a05dd434e199c74cc76b301c8a8",{},1773703708956,1773703708952,[],{"breakpoints":1498,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1500,"id":1501,"name":1502,"modelId":1068,"published":13,"query":1503,"data":1504,"variations":1508,"lastUpdated":1509,"firstPublished":1510,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1511,"meta":1512,"rev":1081},1773703499887,"705dae05d93d416c89e2c9ce32d0b496","HelpNet Security InstallFix covg 3.15.26",[],{"title":1505,"date":1490,"url":1506,"image":1507},"Fake Claude Code install pages highlight rise of “InstallFix” attacks","https://www.helpnetsecurity.com/2026/03/15/week-in-review-aitm-phishing-kit-used-to-hijack-aws-accounts-year-long-malware-campaign-targets-hr/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fbbe6b25d7ee44caca487a2e02e89318b",{},1773703559299,1773703559291,[],{"breakpoints":1513,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1515,"id":1516,"name":1517,"modelId":1068,"published":13,"query":1518,"data":1519,"variations":1524,"lastUpdated":1525,"firstPublished":1526,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1527,"meta":1528,"rev":1081},1773687322799,"84cc10edb1b2454e9979d1fe8093591e","Th Hacker News InstallFix covg 3.16.26",[],{"title":1520,"date":1521,"url":1522,"image":1523},"ClickFix campaigns spread MacSync macOS infostealer via fake AI tool installers","Mon Mar 16 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://thehackernews.com/2026/03/clickfix-campaigns-spread-macsync-macos.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7e6adf865e5d48b88b4a9714867d1c98",{},1773687415679,1773687415667,[],{"breakpoints":1529,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1531,"id":1532,"name":1533,"modelId":1068,"published":13,"query":1534,"data":1535,"variations":1540,"lastUpdated":1541,"firstPublished":1542,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1543,"meta":1544,"rev":1081},1773252341339,"73fd1abf5dc041bea52ea94176885129","eSecurityPlanet InstallFix covg 3.10.26",[],{"title":1536,"date":1537,"url":1538,"image":1539},"Fake Claude code install pages spread infostealer malware","Tue Mar 10 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.esecurityplanet.com/artificial-intelligence/fake-claude-code-install-pages-spread-infostealer-malware/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fc0da1bcf072a48c490fbcd4bc844e5f9",{},1773252483044,1773252483040,[],{"breakpoints":1545,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1547,"id":1548,"name":1549,"modelId":1068,"published":13,"query":1550,"data":1551,"variations":1555,"lastUpdated":1556,"firstPublished":1557,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1558,"meta":1559,"rev":1081},1773252263890,"73ef90b1e764453e8d55b71565639581","Simply Cyber podcast InstallFix covg 3.10.26",[],{"title":1552,"date":1537,"url":1553,"image":1554},"\"Install‑Fix” malvertising exploits copy‑paste commands, stealing developer credentials","https://www.youtube.com/watch?v=XuzhDlMPGvk&t=36s","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fd956252f551a4726b3af6460cf61447f",{},1773252334029,1773252334025,[],{"breakpoints":1560,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1562,"id":1563,"name":1564,"modelId":1068,"published":13,"query":1565,"data":1566,"variations":1571,"lastUpdated":1572,"firstPublished":1573,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1574,"meta":1575,"rev":1081},1773154777774,"c44b49fde42d4641b2008857cf3ff5ba","SC Mag InstallFix covg 3.9.26",[],{"title":1567,"url":1568,"date":1569,"image":1570},"Amatera infostealer deployed via phony Claude Code guides","https://www.scworld.com/brief/amatera-infostealer-deployed-via-phony-claude-code-guides","Mon Mar 09 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F9a342685f76d470fa3e242ea167a5cd1",{},1773154836220,1773154836208,[],{"breakpoints":1576,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1578,"id":1579,"name":1580,"modelId":1068,"published":13,"query":1581,"data":1582,"variations":1586,"lastUpdated":1587,"firstPublished":1588,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1589,"meta":1590,"rev":1081},1773101667837,"93db02ee89a54c0b98aaf2b74f5c540e","Dark Reading InstallFix cov 3.9.36",[],{"title":1583,"date":1569,"url":1584,"image":1585},"'InstallFix' attacks spread fake Claude code sites","https://www.darkreading.com/cloud-security/installfix-attacks-fake-claude-code","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F076a6464109142d18d23719908be2953",{},1773101731285,1773101731273,[],{"breakpoints":1591,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1593,"id":1594,"name":1595,"modelId":1068,"published":13,"query":1596,"data":1597,"variations":1601,"lastUpdated":1602,"firstPublished":1603,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1604,"meta":1605,"rev":1081},1773101598572,"5b524166f0144825a1f4ee218e9085c0","LifeHacker covg InstallFix covg 3.9.26",[],{"title":1598,"date":1569,"url":1599,"image":1600},"This scam impersonates the official Claude code website to spread malware","https://lifehacker.com/tech/this-scam-cleverly-impersonates-the-official-claude-code-website-to-spread","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0324e6fbaa6a44d8b6ea461051b4200c",{},1773101660771,1773101660757,[],{"breakpoints":1606,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1608,"id":1609,"name":1610,"modelId":1068,"published":13,"query":1611,"data":1612,"variations":1616,"lastUpdated":1617,"firstPublished":1618,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1619,"meta":1620,"rev":1081},1773101514655,"f503c8e19006498fbcdb157c2a42a995","SecurityWeek InstallFix covg 3.9.26",[],{"title":1613,"date":1569,"url":1614,"image":1615},"Cloned AI tool sites distribute malware in ‘InstallFix’ campaign","https://www.securityweek.com/cloned-ai-tool-sites-distribute-malware-in-installfix-campaign/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ffe84cb2b7900455fbc94779ccb8b5fc7",{},1773101579856,1773101579843,[],{"breakpoints":1621,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1623,"id":1624,"name":1625,"modelId":1068,"published":13,"query":1626,"data":1627,"variations":1629,"lastUpdated":1630,"firstPublished":1631,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1632,"meta":1633,"rev":1081},1773101354594,"fad012fa1a14444ea0236f2dca43237a","HelpNet Security InstallFix covg",[],{"url":1628,"date":1569,"title":1505,"image":1507},"https://www.helpnetsecurity.com/2026/03/09/fake-claude-code-install-pages-installfix-attacks/",{},1773101508558,1773101508544,[],{"breakpoints":1634,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1636,"id":1637,"name":1638,"modelId":1068,"published":13,"query":1639,"data":1640,"variations":1645,"lastUpdated":1646,"firstPublished":1647,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1648,"meta":1649,"rev":1081},1772827048134,"a239d13c86c949e7b3f7471e09439103","PC Mag InstallFix coverage 3.6.26",[],{"url":1641,"title":1642,"date":1643,"image":1644},"https://www.pcmag.com/news/phony-claude-code-install-guides-trick-vibe-coders-into-installing-malware","Phony Claude Code install guides trick vibe coders into installing malware","Fri Mar 06 2026 00:00:00 GMT-0800 (Pacific Standard Time)","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fdefe9e4e2e564b3199ba7ed63782776b",{},1772827293549,1772827293537,[],{"breakpoints":1650,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1652,"id":1653,"name":1654,"modelId":1068,"published":13,"query":1655,"data":1656,"variations":1660,"lastUpdated":1661,"firstPublished":1662,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1663,"meta":1664,"rev":1081},1772812850285,"32a36f7ffc97486b9b85c1e6e6a19adb","HelpNet Security Mal Browser Ext Blocking covg 3.6.26",[],{"title":1657,"url":1658,"date":1643,"image":1659},"Push Security adds malicious browser extension detection to block threats in employee browsers","https://www.helpnetsecurity.com/2026/03/06/new-infosec-products-of-the-week-march-6-2026/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F5604e321cccc4fe889b1c77ee36260cc",{},1772812938749,1772812938734,[],{"breakpoints":1665,"kind":28,"lastPreviewUrl":29,"hasAutosaves":34},{"xsmall":31,"small":32,"medium":33},{"createdDate":1667,"id":1668,"name":1669,"modelId":1068,"published":13,"query":1670,"data":1671,"variations":1674,"lastUpdated":1675,"firstPublished":1676,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1677,"meta":1678,"rev":1081},1772812645857,"b3ad4716c02d458fb37e4ae87fb69a91","Bleeping Computer - InstallFix covg 3.6.26",[],{"url":1672,"date":1643,"title":1673,"image":1242},"https://www.bleepingcomputer.com/news/security/fake-claude-code-install-guides-push-infostealers-in-installfix-attacks/","Fake Claude Code install guides push infostealers in InstallFix attacks",{},1772812735192,1772812735177,[],{"breakpoints":1679,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1681,"id":1682,"name":1683,"modelId":1068,"published":13,"query":1684,"data":1685,"variations":1690,"lastUpdated":1691,"firstPublished":1692,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1693,"meta":1694,"rev":1081},1770134011691,"1f0ce90d436a490b81bc8b375a36973c","Bleeping Computer 1.14.26",[],{"url":1686,"image":1687,"date":1688,"title":1689},"https://www.bleepingcomputer.com/news/security/consentfix-debrief-insights-from-the-new-oauth-phishing-attack/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Faa241f108dc14ac2aeaf1d43f93cffba","Wed Jan 14 2026 00:00:00 GMT-0800 (Pacific Standard Time)","ConsentFix debrief: Insights from the new OAuth phishing attack",{},1770223902608,1770134079643,[],{"kind":28,"lastPreviewUrl":29,"breakpoints":1695,"hasErrors":6,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1697,"id":1698,"name":1699,"modelId":1068,"published":13,"query":1700,"data":1701,"variations":1706,"lastUpdated":1707,"firstPublished":1708,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1709,"meta":1710,"rev":1081},1770133693426,"f50b06a576ba49d4a3e12f699dc4a0b9","Intl Business Times 1.29.26",[],{"title":1702,"date":1703,"url":1704,"image":1705},"Sneaky 2FA attack reveals fake Windows stealing passwords from users","Thu Jan 29 2026 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.ibtimes.co.uk/sneaky-2fa-attack-reveals-fake-windows-stealing-passwords-users-1774788","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb1eecfba9de1421596583d792dfc8e27",{},1770133955516,1770133955511,[],{"breakpoints":1711,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1713,"id":1714,"name":1715,"modelId":1068,"published":13,"query":1716,"data":1717,"variations":1721,"lastUpdated":1722,"firstPublished":1723,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1724,"meta":1725,"rev":1081},1770133609556,"8643eed442104b0fa0d581e3f4a2d471","HelpNet Security 1.13.26",[],{"title":1718,"date":1719,"url":1720,"image":1507},"Browser-in-the-Browser phishing is on the rise: Here’s how to spot it","Tue Jan 13 2026 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.helpnetsecurity.com/2026/01/13/browser-in-the-browser-bitb-phishing/",{},1770133683668,1770133683662,[],{"breakpoints":1726,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1728,"id":1729,"name":1730,"modelId":1068,"published":13,"query":1731,"data":1732,"variations":1737,"lastUpdated":1738,"firstPublished":1739,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1740,"meta":1741,"rev":1081},1767036095564,"695279b6813a414f804c8dcfc223f1b5","Yahoo Finance 12.28.25",[],{"title":1733,"date":1734,"url":1735,"image":1736},"Cyber scams on the rise: How to avoid getting phished by hackers","Sun Dec 28 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://finance.yahoo.com/video/cyber-scams-rise-avoid-getting-150059260.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fdfb33b9cab8244d89da3d2b12c6aaf37",{},1767036157428,1767036157415,[],{"breakpoints":1742,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1744,"id":1745,"name":1746,"modelId":1068,"published":13,"query":1747,"data":1748,"variations":1753,"lastUpdated":1754,"firstPublished":1755,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1756,"meta":1757,"rev":1081},1767035804669,"b019aa8067f74c1881b6e58196a057b0","Yahoo Finance Live 12.2425",[],{"title":1749,"date":1750,"url":1751,"image":1752},"Phishing scams becoming prevalent on LinkedIn: How to spot them","Wed Dec 24 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://finance.yahoo.com/video/phishing-scams-becoming-prevalent-linkedin-150028882.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F12a9694c214243d888f16ef15dabc4d2",{},1767035986901,1767035986888,[],{"breakpoints":1758,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1760,"id":1761,"name":1762,"modelId":1068,"published":13,"query":1763,"data":1764,"variations":1768,"lastUpdated":1769,"firstPublished":1770,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1771,"meta":1772,"rev":1081},1766169985769,"729b8c2debe8456aa6ab6b5ba10ca925","HelpNet Security ClickFix news 12.19.25",[],{"title":1765,"image":1659,"url":1766,"date":1767},"Push Security detects and blocks malicious copy-and-paste activity","https://www.helpnetsecurity.com/2025/12/18/push-security-malicious-copy-and-paste-detection/","Thu Dec 18 2025 00:00:00 GMT-0800 (Pacific Standard Time)",{},1766170357526,1766170238006,[],{"lastPreviewUrl":29,"breakpoints":1773,"kind":28,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1775,"id":1776,"name":1777,"modelId":1068,"published":13,"query":1778,"data":1779,"variations":1783,"lastUpdated":1784,"firstPublished":1785,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1786,"meta":1787,"rev":1081},1765978497561,"d463bec64b9643c692b4eb189dfef015","Risky Biz ConsentFix covg 12.17.25",[],{"title":1780,"date":550,"url":1781,"image":1782},"The unholy combination of OAuth consent phishing, social engineering and Azure CLI","https://risky.biz/RB819/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fd9913ae44cc04e408a1402945a938cf7",{},1765978608128,1765978608114,[],{"breakpoints":1788,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1790,"id":1791,"name":1792,"modelId":1068,"published":13,"query":1793,"data":1794,"variations":1799,"lastUpdated":1800,"firstPublished":1801,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1802,"meta":1803,"rev":1081},1765927305960,"da7779ec2c7e41bea3588088599db6bd","eSecurity Planet ConsentFix covg 12.16.25",[],{"image":1795,"title":1796,"url":1797,"date":1798},"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fea0c2f44d1dd49a2803fd6ae9f28dddf","Azure CLI trust abused in ConsentFix account takeovers","https://www.esecurityplanet.com/threats/azure-cli-trust-abused-in-consentfix-account-takeovers/","Tue Dec 16 2025 00:00:00 GMT-0800 (Pacific Standard Time)",{},1765978490900,1765978490894,[],{"breakpoints":1804,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1806,"id":1807,"name":1808,"modelId":1068,"published":13,"query":1809,"data":1810,"variations":1815,"lastUpdated":1816,"firstPublished":1817,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1818,"meta":1819,"rev":1081},1765911192421,"9bc109c6597c4c74808b5c18815f32b7","YouTube - John Hammond - ConsentFix covg 12.1",[],{"url":1811,"date":1812,"title":1813,"image":1814},"https://www.youtube.com/watch?v=AAiiIY-Soak","Sat Dec 13 2025 00:00:00 GMT-0800 (Pacific Standard Time)"," Hacking endpoint to identity (Microsoft 365): \"ConsentFix\"","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fdc03867552734a1a88ea820997e8e824",{},1765911308541,1765911308525,[],{"breakpoints":1820,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1822,"id":1823,"name":1824,"modelId":1068,"published":13,"query":1825,"data":1826,"variations":1831,"lastUpdated":1832,"firstPublished":1833,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1834,"meta":1835,"rev":1081},1765896303734,"cd56166cb8584e9b9436a3649c616883","Forbes ConsentFix covg 12.15.25",[],{"title":1827,"date":1828,"url":1829,"image":1830},"Shut down and restart—New Microsoft attack beats passwords, 2FA and passkeys","Mon Dec 15 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.forbes.com/sites/zakdoffman/2025/12/15/if-you-get-this-message-your-microsoft-account-is-under-attack/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F3730733e33464d8e9d0556e82edd107d",{},1765896374204,1765896374190,[],{"breakpoints":1836,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1838,"id":1839,"name":1840,"modelId":1068,"published":13,"query":1841,"data":1842,"variations":1845,"lastUpdated":1846,"firstPublished":1847,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1848,"meta":1849,"rev":1081},1765813760914,"b17bf20966554159bde52b04ab4c6486","Bleeping Computer 2025 Phishing 12.15.25",[],{"title":1843,"image":1242,"date":1828,"url":1844},"2025’s Top phishing trends and what they mean for your security strategy","https://www.bleepingcomputer.com/news/security/2025s-top-phishing-trends-and-what-they-mean-for-your-security-strategy/",{},1765896388675,1765813851964,[],{"breakpoints":1850,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1852,"id":1853,"name":1854,"modelId":1068,"published":13,"query":1855,"data":1856,"variations":1859,"lastUpdated":1860,"firstPublished":1861,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1862,"meta":1863,"rev":1081},1765813622416,"2262a496aa5548138f2c48490a327b62","THN ConsentFix covg 12.15.25",[],{"title":1857,"date":1828,"url":1858,"image":1445},"ConsentFix, a new twist on ClickFix","https://thehackernews.com/2025/12/weekly-recap-apple-0-days-winrar.html",{},1765813754902,1765813747219,[],{"breakpoints":1864,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1866,"id":1867,"name":1868,"modelId":1068,"published":13,"query":1869,"data":1870,"variations":1875,"lastUpdated":1876,"firstPublished":1877,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1878,"meta":1879,"rev":1081},1765588990292,"2a99264102a347c698748c7f72fba883","Cybersecurity News ConsentFix covg 12.12.25",[],{"title":1871,"date":1872,"url":1873,"image":1874},"New ConsentFix attack let attackers hijack Microsoft accounts by leveraging Azure CLI","Fri Dec 12 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://cybersecuritynews.com/consentfix-attack-hijack-microsoft-accounts/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F71a9b05bbd654bc7982bdc364f8a5589",{},1765589049186,1765589049178,[],{"breakpoints":1880,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1882,"id":1883,"name":1884,"modelId":1068,"published":13,"query":1885,"data":1886,"variations":1890,"lastUpdated":1891,"firstPublished":1892,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1893,"meta":1894,"rev":1081},1765588671527,"4c4ed790409241029b5c36d281989be6","GB Hackers ConsentFix covg 12.12.25",[],{"url":1887,"date":1872,"title":1888,"image":1889},"https://gbhackers.com/consentfix-attack-lets-hackers-hijack-microsoft-accounts/","ConsentFix attack lets hackers hijack Microsoft accounts via Azure CLI abuse","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fc682d314e0d04e53b56947e72588139e",{},1765588735509,1765588735497,[],{"breakpoints":1895,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1897,"id":1898,"name":1899,"modelId":1068,"published":13,"query":1900,"data":1901,"variations":1905,"lastUpdated":1906,"firstPublished":1907,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1908,"meta":1909,"rev":1081},1765588552747,"7dd9a9ed4b0c4fb18ee2d44f3e7dfb8b","SC Magazine ConsentFix covg  12.12.25",[],{"title":1902,"date":1872,"url":1903,"image":1904},"Microsoft account takeovers eased by new ConsentFix attack","https://www.scworld.com/brief/microsoft-account-takeovers-eased-by-new-consentfix-attack","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8ea70ebc671e41ddac4cbb8c729239bf",{},1765588663106,1765588663095,[],{"breakpoints":1910,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1912,"id":1913,"name":1914,"modelId":1068,"published":13,"query":1915,"data":1916,"variations":1920,"lastUpdated":1921,"firstPublished":1922,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1923,"meta":1924,"rev":1081},1765558395804,"f9573d88aa38429a85e559d38cac0da8","CSO Online ConsentFix covg 12.11.25",[],{"title":1917,"date":588,"url":1918,"image":1919},"Meet ConsentFix, a new twist on the ClickFix phishing attack","https://www.csoonline.com/article/4105230/meet-consentfix-a-new-twist-on-the-clickfix-phishing-attack.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F4416fd877c2f4b2f8761bd4c4130e087",{},1765558453935,1765558453921,[],{"breakpoints":1925,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1927,"id":1928,"name":1929,"modelId":1068,"published":13,"query":1930,"data":1931,"variations":1934,"lastUpdated":1935,"firstPublished":1936,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1937,"meta":1938,"rev":1081},1765558238257,"2e109e06550a43c2ad7ac0ca6331e419","Risky Biz News ConstentFix 12.12.25",[],{"title":1932,"date":1872,"url":1933,"image":1782},"ConsentFix attack","https://news.risky.biz/risky-bulletin-eu-has-a-problem-attracting-and-retaining-cyber-talent/",{},1765558390283,1765558390271,[],{"breakpoints":1939,"kind":28,"lastPreviewUrl":29,"hasAutosaves":34},{"xsmall":31,"small":32,"medium":33},{"createdDate":1941,"id":1942,"name":1943,"modelId":1068,"published":13,"query":1944,"data":1945,"variations":1948,"lastUpdated":1949,"firstPublished":1950,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1951,"meta":1952,"rev":1081},1765469636103,"340b0e7f1a304117ab582722f05e8e32","Bleeping Computer ConsentFix covg 12.11.25",[],{"title":1946,"url":1947,"date":588,"image":1242},"New ConsentFix attack hijacks Microsoft accounts via Azure CLI","https://www.bleepingcomputer.com/news/security/new-consentfix-attack-hijacks-microsoft-accounts-via-azure-cli/",{},1765469736998,1765469736985,[],{"breakpoints":1953,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1955,"id":1956,"name":1957,"modelId":1068,"published":13,"query":1958,"data":1959,"variations":1964,"lastUpdated":1965,"firstPublished":1966,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1967,"meta":1968,"rev":1081},1765148102020,"4df69320406d4efca8587d2cde16b57f","CIO National Review Calendly covg 12.4.25 ",[],{"url":1960,"title":1961,"image":1962,"date":1963},"https://nationalcioreview.com/articles-insights/extra-bytes/calendly-emails-impersonate-major-brands-in-new-credential-theft-scheme/","Calendly emails impersonate major brands in new credential theft scheme","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F89703900d321432c98585f9e078498cf","Thu Dec 04 2025 00:00:00 GMT-0800 (Pacific Standard Time)",{},1765148186771,1765148172790,[],{"breakpoints":1969,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1971,"id":1972,"name":1973,"modelId":1068,"published":13,"query":1974,"data":1975,"variations":1979,"lastUpdated":1980,"firstPublished":1981,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1982,"meta":1983,"rev":1081},1764869554092,"56ca72af985e4a7d99b106e64575df87","SC Magazine Calendly covg 12.3.25",[],{"title":1976,"date":1977,"url":1978,"image":1904},"Ongoing Calendly phishing scheme impersonates major brands","Wed Dec 03 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.scworld.com/brief/ongoing-calendly-phishing-scheme-impersonates-major-brands",{},1764869599039,1764869599025,[],{"breakpoints":1984,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":1986,"id":1987,"name":1988,"modelId":1068,"published":13,"query":1989,"data":1990,"variations":1993,"lastUpdated":1994,"firstPublished":1995,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":1996,"meta":1997,"rev":1081},1764869466225,"80f5dc65e67e440c84c96094a7dbc8ef","Cybersecurity News Calendly covg 12.4.25",[],{"title":1991,"date":1963,"url":1992,"image":1874},"Hackers using Calendly-themed phishing attack to steal Google Workspace account","https://cybersecuritynews.com/hackers-using-calendly-themed-phishing-attack/",{},1764869534791,1764869534779,[],{"breakpoints":1998,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2000,"id":2001,"name":2002,"modelId":1068,"published":13,"query":2003,"data":2004,"variations":2007,"lastUpdated":2008,"firstPublished":2009,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2010,"meta":2011,"rev":1081},1764869345227,"7fb8db6aae0246338314b3e7be6dc2e1","GBHackers Calendly covg ",[],{"date":1977,"title":2005,"url":2006,"image":1889},"New Calendly-inspired phishing attack aims to steal Google Workspace credentials","https://gbhackers.com/calendly-inspired-phishing/",{},1764869446853,1764869446848,[],{"breakpoints":2012,"kind":28,"lastPreviewUrl":29,"hasAutosaves":34},{"xsmall":31,"small":32,"medium":33},{"createdDate":2014,"id":2015,"name":2016,"modelId":1068,"published":13,"query":2017,"data":2018,"variations":2022,"lastUpdated":2023,"firstPublished":2024,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2025,"meta":2026,"rev":1081},1764686012316,"2a4f8f8e094f4e049c29118e79405314","BleepingComputer Calendly covg 12.2.25",[],{"url":2019,"date":2020,"title":2021,"image":1242},"https://www.bleepingcomputer.com/news/security/fake-calendly-invites-spoof-top-brands-to-hijack-ad-manager-accounts/","Tue Dec 02 2025 00:00:00 GMT-0800 (Pacific Standard Time)","Fake Calendly invites spoof top brands to hijack ad manager accounts",{},1764686122781,1764686122769,[],{"breakpoints":2027,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2029,"id":2030,"name":2031,"modelId":1068,"published":13,"query":2032,"data":2033,"variations":2037,"lastUpdated":2038,"firstPublished":2039,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2040,"meta":2041,"rev":1081},1763702945083,"0e54d0e51482444696748d8b2fd98353","CSO Online Sneaky 2FA covg 11.20.25",[],{"date":2034,"url":2035,"title":2036,"image":1919},"Thu Nov 20 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.csoonline.com/article/4094165/sneaky2fa-phishing-tool-adds-ability-to-insert-legit-looking-urls.html","Sneaky2FA phishing tool adds ability to insert legit-looking URLs",{},1763703125793,1763703125781,[],{"kind":28,"breakpoints":2042,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2044,"id":2045,"name":2046,"modelId":1068,"published":13,"query":2047,"data":2048,"variations":2052,"lastUpdated":2053,"firstPublished":2054,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2055,"meta":2056,"rev":1081},1763666026198,"fd03f07d887c4b3fb1b054149f091c3e","SC Magazine Sneaky 2FA covg 11.19.25",[],{"date":2049,"url":2050,"title":2051,"image":1570},"Wed Nov 19 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.scworld.com/brief/bitb-integrated-into-updated-sneaky-2fa-phaas-kit","BitB integrated into updated Sneaky 2FA PhaaS kit",{},1763666083690,1763666083680,[],{"breakpoints":2057,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2059,"id":2060,"name":2061,"modelId":1068,"published":13,"query":2062,"data":2063,"variations":2066,"lastUpdated":2067,"firstPublished":2068,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2069,"meta":2070,"rev":1081},1763655272869,"8bc9b208121f45dfb439055a697610e7","Bleeping Computer Sneaky 2FA covg 11.19.25",[],{"date":2049,"url":2064,"title":2065,"image":1228},"https://www.bleepingcomputer.com/news/security/sneaky2fa-phaas-kit-now-uses-redteamers-browser-in-the-browser-attack/","Sneaky2FA PhaaS kit now uses redteamers' Browser-in-the-Browser attack",{},1763655342102,1763655342088,[],{"breakpoints":2071,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2073,"id":2074,"name":2075,"modelId":1068,"published":13,"meta":2076,"query":2078,"data":2079,"variations":2082,"lastUpdated":2083,"firstPublished":2084,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2085,"rev":1081},1763583238248,"5581a088f27a46509dbb9e0db3a6c388","GBHackers Sneaky 2FA covg 11.19.25",{"breakpoints":2077,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},[],{"date":2049,"image":1889,"url":2080,"title":2081},"https://gbhackers.com/new-phishing-kit/","New phishing kit using BitB technique targets Microsoft accounts to steal credentials via Sneaky 2FA attack",{},1763583307561,1763583307548,[],{"createdDate":2087,"id":2088,"name":2089,"modelId":1068,"published":13,"query":2090,"data":2091,"variations":2094,"lastUpdated":2095,"firstPublished":2096,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2097,"meta":2098,"rev":1081},1763581208571,"c91f0750197248d4a8c67a813998fd2f","Cybersecurity News Sneaky 2FA coverage 11.19.25",[],{"title":2092,"date":2049,"url":2093,"image":1874},"New Sneaky 2FA phishing kit with BitB technique attacking users to steal Microsoft account credentials","https://cybersecuritynews.com/new-sneaky-2fa-phishing-kit-with-bitb-technique-attacking-users/",{},1763581282640,1763581282624,[],{"breakpoints":2099,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2101,"id":2102,"name":2103,"modelId":1068,"published":13,"query":2104,"data":2105,"variations":2109,"lastUpdated":2110,"firstPublished":2111,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2112,"meta":2113,"rev":1081},1763491298594,"308df4bb1a094898b6f8b3972110418b","THN Sneaky 2FA coverage 11.18.25",[],{"title":2106,"date":2107,"url":2108,"image":1322},"Sneaky 2FA phishing kit adds BitB pop-ups designed to mimic the browser address bar","Tue Nov 18 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://thehackernews.com/2025/11/sneaky-2fa-phishing-kit-adds-bitb-pop.html",{},1763491363109,1763491363097,[],{"breakpoints":2114,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2116,"id":2117,"name":2118,"modelId":1068,"published":13,"query":2119,"data":2120,"variations":2124,"lastUpdated":2125,"firstPublished":2126,"testRatio":23,"createdBy":25,"lastUpdatedBy":292,"folders":2127,"meta":2128,"rev":1081},1763386847074,"f019425360414324be53082f44bb2529","THN 11/17/2025",[],{"url":2121,"date":2122,"title":2123,"image":1445},"https://thehackernews.com/2025/11/5-reasons-why-attackers-are-phishing.html","Mon Nov 17 2025 12:00:00 GMT+0000 (Greenwich Mean Time)","5 Reasons Why Attackers Are Phishing Over LinkedIn",{},1763491290840,1763386891096,[],{"breakpoints":2129,"lastPreviewUrl":29,"kind":28,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2131,"id":2132,"name":2133,"modelId":1068,"published":13,"query":2134,"data":2135,"variations":2140,"lastUpdated":2141,"firstPublished":2142,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2143,"meta":2144,"rev":1081},1762880656430,"e1b2f0f439ab4727b2b3efc8c7ff96ae","Ars Technica 11.11.25",[],{"image":2136,"date":2137,"url":2138,"title":2139},"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F19e072045f1848ccaf1908e7bdd9761a","Tue Nov 11 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://arstechnica.com/security/2025/11/clickfix-may-be-the-biggest-security-threat-your-family-has-never-heard-of/","ClickFix may be the biggest security threat your family has never heard of",{},1762884134919,1762880709413,[],{"kind":28,"lastPreviewUrl":29,"breakpoints":2145,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2147,"id":2148,"name":2149,"modelId":1068,"published":13,"query":2150,"data":2151,"variations":2155,"lastUpdated":2156,"firstPublished":2157,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2158,"meta":2159,"rev":1081},1762825858961,"1163986d94f84e6c874e7640a8bb5ca8","The Hacker News 11.10.25",[],{"title":2152,"date":2153,"url":2154,"image":1322},"Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware","Mon Nov 10 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://thehackernews.com/2025/11/large-scale-clickfix-phishing-attacks.html",{},1762825939779,1762825939765,[],{"breakpoints":2160,"kind":28,"lastPreviewUrl":29,"hasAutosaves":34},{"xsmall":31,"small":32,"medium":33},{"createdDate":2162,"id":2163,"name":2164,"modelId":1068,"published":13,"query":2165,"data":2166,"variations":2170,"lastUpdated":2171,"firstPublished":2172,"testRatio":23,"createdBy":25,"lastUpdatedBy":292,"folders":2173,"meta":2174,"rev":1081},1762787628852,"393eccca06d146e69ecfb8f0dffa3151","Bleeping computer 11/10/2025",[],{"url":2167,"title":2168,"image":1242,"date":2169},"https://www.bleepingcomputer.com/news/security/5-reasons-why-attackers-are-phishing-over-linkedin/","5 reasons why attackers are phishing over LinkedIn","Mon Nov 10 2025 13:00:00 GMT+0000 (Greenwich Mean Time)",{},1762825967348,1762787687347,[],{"kind":28,"lastPreviewUrl":29,"breakpoints":2175,"hasAutosaves":34},{"xsmall":31,"small":32,"medium":33},{"createdDate":2177,"id":2178,"name":2179,"modelId":1068,"published":13,"query":2180,"data":2181,"variations":2186,"lastUpdated":2187,"firstPublished":2188,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2189,"meta":2190,"rev":1081},1762626307695,"83025ff7899e4dceb630f2fd08a4072e","eSecurity Planet 11.7.25",[],{"title":2182,"date":2183,"url":2184,"image":2185},"ClickFix malware evolves with multi-OS support and video tutorials","Fri Nov 07 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.esecurityplanet.com/threats/clickfix-malware-evolves-with-multi-os-support-and-video-tutorials/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fd2c60d8a0ffc4d3bbac11c159cd66abd",{},1762626358641,1762626358630,[],{"breakpoints":2191,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2193,"id":2194,"name":2195,"modelId":1068,"published":13,"query":2196,"data":2197,"variations":2200,"lastUpdated":2201,"firstPublished":2202,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2203,"meta":2204,"rev":1081},1762544396960,"f248c42225584ee1b4c48cecd787771c","SC Magazine - ClickFix 11.7.25",[],{"title":2198,"date":2183,"url":2199,"image":1904},"New ClickFix attacks feature ‘self-infection’ videos","https://www.scworld.com/news/new-clickfix-attacks-feature-self-infection-videos",{},1762544447163,1762544447149,[],{"breakpoints":2205,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2207,"id":2208,"name":2209,"modelId":1068,"published":13,"query":2210,"data":2211,"variations":2214,"lastUpdated":2215,"firstPublished":2216,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2217,"meta":2218,"rev":1081},1762544277875,"1149df5149b046a6bed634a0fec7cca0","Cybersecurity News 11.7.25",[],{"title":2212,"url":2213,"date":2183,"image":1874},"ClickFix attacks evolved with weaponized videos that tricks users via self-infection process","https://cybersecuritynews.com/clickfix-attacks-evolved-with-weaponized-videos/",{},1762544338325,1762544338310,[],{"breakpoints":2219,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2221,"id":2222,"name":2223,"modelId":1068,"published":13,"query":2224,"data":2225,"variations":2229,"lastUpdated":2230,"firstPublished":2231,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2232,"meta":2233,"rev":1081},1762544197059,"473ad3c507eb438796589d7137cbbd87","TechRadar Pro 11.7.25",[],{"title":2226,"date":2227,"url":2228,"image":1415},"Experts warn ClickFix malware attacks are back, and more dangerous than ever before - here's how to stay safe","Fri Nov 07 2025 00:02:00 GMT-0800 (Pacific Standard Time)","https://www.techradar.com/pro/security/experts-warn-clickfix-malware-attacks-are-back-and-more-dangerous-than-ever-before",{},1762544255461,1762544255446,[],{"breakpoints":2234,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2236,"id":2237,"name":2238,"modelId":1068,"published":13,"query":2239,"data":2240,"variations":2244,"lastUpdated":2245,"firstPublished":2246,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2247,"meta":2248,"rev":1081},1762544114376,"a020ce8b19464aefb709af15402cf60e","SecurityWeek 11.7.25",[],{"url":2241,"date":2242,"title":2243,"image":1615},"https://www.securityweek.com/clickfix-attacks-against-macos-users-evolving/","Fri Nov 07 2025 00:01:00 GMT-0800 (Pacific Standard Time)","ClickFix attacks against macOS users evolving",{},1762544191057,1762544191043,[],{"breakpoints":2249,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2251,"id":2252,"name":2253,"modelId":1068,"published":13,"query":2254,"data":2255,"variations":2259,"lastUpdated":2260,"firstPublished":2261,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2262,"meta":2263,"rev":1081},1762544049378,"c740917cbf94428a8ca995c252f61384","Cyberwire 11.7.25",[],{"title":2256,"date":2183,"url":2257,"image":2258},"Sophisticated ClickFix campaign targets Mac users","https://thecyberwire.com/newsletters/daily-briefing/14/214","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fd86483d891a94ef9be8394a20e649e6a",{},1762544106532,1762544106517,[],{"breakpoints":2264,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2266,"id":2267,"name":2268,"modelId":1068,"published":13,"query":2269,"data":2270,"variations":2274,"lastUpdated":2275,"firstPublished":2276,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2277,"meta":2278,"rev":1081},1762530865915,"f40e34bb86f44e46b86f48e039e2047e","Risky Business 11.7.25",[],{"title":2271,"url":2272,"image":2273,"date":2183},"Arrests, cybercrime, and threat intel","https://risky.biz/risky-bulletin-europol-arrests-payment-service-executives-for-role-in-credit-card-fraud-ring/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0711aacafd8042449739851214085715",{},1762531197354,1762531180634,[],{"breakpoints":2279,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2281,"id":2282,"name":2283,"modelId":1068,"published":13,"query":2284,"data":2285,"variations":2289,"lastUpdated":2290,"firstPublished":2291,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2292,"meta":2293,"rev":1081},1762530734034,"fe13862ebcd047b8adc4d76a83d95f94","HelpNet Security 11.7.25",[],{"title":2286,"date":2183,"url":2287,"image":2288},"Attackers upgrade ClickFix with tricks used by online stores","https://www.helpnetsecurity.com/2025/11/07/newest-clickfix-tricks/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0bfab47bca5b4e58a278b9b30f27f2f0",{},1762530851870,1762530851855,[],{"breakpoints":2294,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2296,"id":2297,"name":2298,"modelId":1068,"published":13,"query":2299,"data":2300,"variations":2305,"lastUpdated":2306,"firstPublished":2307,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2308,"meta":2309,"rev":1081},1762465369069,"5154d24b5f9545e4814c4aeec2cb9834","Tom's Guide coverage 11.6.25",[],{"title":2301,"date":2302,"url":2303,"image":2304},"ClickFix attacks just got a major upgrade to trick you into infecting your computer with malware — don't fall for this","Thu Nov 06 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.tomsguide.com/computing/malware-adware/clickfix-attacks-just-got-a-major-upgrade-to-trick-you-into-infecting-your-computer-with-malware-dont-fall-for-this","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F3199c910a2f74de0aa3e884357432227",{},1762465417810,1762465417802,[],{"breakpoints":2310,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2312,"id":2313,"name":2314,"modelId":1068,"published":13,"query":2315,"data":2316,"variations":2319,"lastUpdated":2320,"firstPublished":2321,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2322,"meta":2323,"rev":1081},1762442767784,"3b991cd1e1f8406784ecb76dfea5dab5","Bleeping Computer covg ClickFix 11.6.25",[],{"title":2317,"date":2302,"url":2318,"image":1242},"ClickFix malware attacks evolve with multi-OS support, video tutorials","https://www.bleepingcomputer.com/news/security/clickfix-malware-attacks-evolve-with-multi-os-support-video-tutorials/",{},1762442923468,1762442923454,[],{"breakpoints":2324,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2326,"id":2327,"name":2328,"modelId":1068,"published":13,"query":2329,"data":2330,"variations":2334,"lastUpdated":2335,"firstPublished":2336,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2337,"meta":2338,"rev":1081},1762184560199,"8f62d571236349798ac17c1e81d047a1","The Hacker News coverage 11.3.25",[],{"title":2331,"date":2332,"url":2333,"image":1523},"Hackers abuse LinkedIn to target finance executives ","Mon Nov 03 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://thehackernews.com/2025/11/weekly-recap-lazarus-hits-web3-intelamd.html",{},1762184662730,1762184662720,[],{"breakpoints":2339,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2341,"id":2342,"name":2343,"modelId":1068,"published":13,"query":2344,"data":2345,"variations":2349,"lastUpdated":2350,"firstPublished":2351,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2352,"meta":2353,"rev":1081},1762184482687,"946db957decb45889bd8d59a5f5c0607","Digit News coverage 11.3.25",[],{"title":2346,"date":2332,"url":2347,"image":2348},"Hackers exploiting LinkedIn DMs in major phishing campaign","https://www.digit.fyi/hackers-exploiting-linkedin-dms-in-major-phishing-campaign/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F17f3b7a989af4acbbd826ca77fc54af6",{},1762184541405,1762184541390,[],{"breakpoints":2354,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2356,"id":2357,"name":2358,"modelId":1068,"published":13,"query":2359,"data":2360,"variations":2364,"lastUpdated":2365,"firstPublished":2366,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2367,"meta":2368,"rev":1081},1761961315095,"9d78bbed0daa4b84be79bd7365af4869","SC Magazine covg LinkedIn 10.31.25",[],{"title":2361,"date":2362,"url":2363,"image":1307},"New LinkedIn phishing campaign targets finance executives","Fri Oct 31 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.scworld.com/brief/new-linkedin-phishing-campaign-targets-finance-executives",{},1761961578583,1761961578567,[],{"breakpoints":2369,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2371,"id":2372,"name":2373,"modelId":1068,"published":13,"query":2374,"data":2375,"variations":2379,"lastUpdated":2380,"firstPublished":2381,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2382,"meta":2383,"rev":1081},1761947171521,"2ce3789549db412aa99b58872d78fb0e","Computing UK covg LinkedIn 10.31.25",[],{"url":2376,"date":2377,"title":2378,"image":1400},"https://www.computing.co.uk/news/2025/security/linkedin-phishers-target-executives-with-fake-board-invitations","Fri Oct 31 2025 00:03:00 GMT-0700 (Pacific Daylight Time)","LinkedIn phishers target executives with fake board invitations",{},1761947289516,1761947289502,[],{"breakpoints":2384,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2386,"id":2387,"name":2388,"modelId":1068,"published":13,"query":2389,"data":2390,"variations":2394,"lastUpdated":2395,"firstPublished":2396,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2397,"meta":2398,"rev":1081},1761945728360,"03afaafcb7814d74af6589a6d7387fd8","Forbes coverage 10.31.25",[],{"title":2391,"date":2392,"image":1830,"url":2393},"LinkedIn DM attack warning — what users need to know","Fri Oct 31 2025 00:01:00 GMT-0700 (Pacific Daylight Time)","https://www.forbes.com/sites/daveywinder/2025/10/31/linkedin-dm-attack-warning---what-users-need-to-know/",{},1761945955728,1761945939660,[],{"lastPreviewUrl":29,"breakpoints":2399,"kind":28,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2401,"id":2402,"name":2403,"modelId":1068,"published":13,"query":2404,"data":2405,"variations":2408,"lastUpdated":2409,"firstPublished":2410,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2411,"meta":2412,"rev":1081},1761945120534,"affd2e99a6db4d9a861ccd39b21a3ece","TechRadar covg LinkedIn phishing 10.31.25",[],{"title":2406,"date":2362,"url":2407,"image":1415},"New LinkedIn phishing scam targets executives with fake board positions","https://www.techradar.com/pro/security/linkedin-scammers-target-executives-with-fake-board-positions",{},1761945175881,1761945175869,[],{"breakpoints":2413,"kind":28,"lastPreviewUrl":29,"hasAutosaves":34},{"xsmall":31,"small":32,"medium":33},{"createdDate":2415,"id":2416,"name":2417,"modelId":1068,"published":13,"query":2418,"data":2419,"variations":2423,"lastUpdated":2424,"firstPublished":2425,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2426,"meta":2427,"rev":1081},1761925374078,"58f52d3ae94b41818f4440a4066907bf","MSSP Alert covg GPS news 10.31.25",[],{"date":2362,"url":2420,"title":2421,"image":2422},"https://www.msspalert.com/news/push-security-and-guidepoint-partner-to-deliver-browser-based-detection-and-response","Push Security and GuidePoint partner to deliver browser-based detection and response","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F1c5c45d781a24850a25a474a0a54ca55",{},1761925544631,1761925544627,[],{"breakpoints":2428,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2430,"id":2431,"name":2432,"modelId":1068,"published":13,"query":2433,"data":2434,"variations":2437,"lastUpdated":2438,"firstPublished":2439,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2440,"meta":2441,"rev":1081},1761838982466,"be4f6c4324c6451b9d6d569ac7f27f31","Bleeping Computer coverage LinkedIn Campaign 10.30.25",[],{"image":1228,"url":2435,"date":621,"title":2436},"https://www.bleepingcomputer.com/news/security/linkedin-phishing-targets-finance-execs-with-fake-board-invites/","LinkedIn phishing targets finance execs with fake board invites",{},1761839107201,1761839083538,[],{"breakpoints":2442,"lastPreviewUrl":29,"kind":28,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"createdDate":2444,"id":2445,"name":2446,"modelId":1068,"published":13,"meta":2447,"query":2449,"data":2450,"variations":2454,"lastUpdated":2455,"firstPublished":2456,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2457,"rev":1081},1761681021052,"ac43ae2fa82445948a210c110b96ce37","Channel Insider GPS news 10.28.25",{"breakpoints":2448,"kind":28,"lastPreviewUrl":29},{"xsmall":31,"small":32,"medium":33},[],{"url":2451,"date":658,"title":2452,"image":2453},"https://www.channelinsider.com/security/managed-services/push-security-guidepoint-partnership/","Push Security & GuidePoint Security announce partnership","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ffbe34c3f83b2441a8dccb76789212dc4",{},1761681086588,1761681086574,[],{"createdDate":2459,"id":2460,"name":2461,"modelId":1068,"published":13,"meta":2462,"query":2464,"data":2465,"variations":2469,"lastUpdated":2470,"firstPublished":2471,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2472,"rev":1081},1761346114618,"6cdbb3d6778943b29b9a8a49f5d702c7","The Hacker News - 10.20.25",{"breakpoints":2463,"kind":28,"lastPreviewUrl":29},{"xsmall":31,"small":32,"medium":33},[],{"title":2466,"date":2467,"url":2468,"image":1072},"Analysing ClickFix: 3 reasons why copy/paste attacks are driving security breaches","Mon Oct 20 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","https://thehackernews.com/2025/10/analysing-clickfix-3-reasons-why.html",{},1761346212903,1761346212888,[],{"createdDate":2474,"id":2475,"name":2476,"modelId":1068,"published":13,"meta":2477,"query":2479,"data":2480,"variations":2485,"lastUpdated":2486,"firstPublished":2487,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2488,"rev":1081},1760476919714,"cb5d689a1542442595127fb06115ba39","Cybercrime Magazine podcast 10.7.25",{"lastPreviewUrl":29,"breakpoints":2478,"kind":28},{"xsmall":31,"small":32,"medium":33},[],{"image":2481,"date":2482,"title":2483,"url":2484},"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fcfc7e4d4644945c1b7e88780af073dc5","Tue Oct 07 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","Fighting identity attacks. Push Security secures $30M in funding.","https://soundcloud.com/cybercrimemagazine/fighting-identity-attacks-push-security-secures-30m-funding-adam-bateman-cofounder-ceo",{},1760540162536,1760477002768,[],{"data":2490,"variations":2495,"name":2496,"createdDate":2497,"testRatio":23,"published":13,"meta":2498,"lastUpdatedBy":292,"createdBy":292,"folders":2500,"firstPublished":2501,"modelId":1068,"id":2502,"lastUpdated":2503,"query":2504,"rev":1081},{"title":2491,"url":2492,"image":2493,"date":2494},"Hackers are looking to steal Microsoft logins using some devious new tricks - here's how to stay safe","https://www.msn.com/en-us/money/other/hackers-are-looking-to-steal-microsoft-logins-using-some-devious-new-tricks-here-s-how-to-stay-safe/ar-AA1Lav17","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F61beebb7353d414086bcebc081ac5500","Mon Aug 25 2025 00:01:00 GMT-0700 (Pacific Daylight Time)",{},"MSN.com ADFS coverage 8.25.25",1758836339904,{"lastPreviewUrl":29,"breakpoints":2499,"kind":28},{"medium":33,"small":32,"xsmall":31},[],1758836400724,"3241a0a6618d44f9ae140d91f4cd1387",1758836400736,[],{"testRatio":23,"folders":2506,"query":2507,"lastUpdated":2508,"published":13,"createdDate":2509,"variations":2510,"name":2511,"id":2512,"data":2513,"createdBy":292,"meta":2518,"lastUpdatedBy":292,"modelId":1068,"firstPublished":2520,"rev":1081},[],[],1758737920402,1758737823316,{},"Bloomberg coverage 9.24.25","6539b9daae5e4840b163c64a6fc3fb79",{"title":2514,"url":2515,"image":2516,"date":2517},"Hackers are trying to scam tech bosses through LinkedIn","https://www.bloomberg.com/news/newsletters/2025-09-24/hackers-are-trying-to-scam-tech-bosses-through-linkedin","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F1b6cc4a2b61e43fc9ac9b030ddf8862a","Wed Sep 24 2025 00:00:00 GMT-0700 (Pacific Daylight Time)",{"lastPreviewUrl":29,"breakpoints":2519,"kind":28},{"xsmall":31,"small":32,"medium":33},1758737920387,{"meta":2522,"createdDate":2524,"lastUpdatedBy":292,"id":2525,"firstPublished":2526,"createdBy":292,"query":2527,"folders":2528,"data":2529,"testRatio":23,"modelId":1068,"variations":2534,"name":2535,"published":13,"lastUpdated":2536,"rev":1081},{"breakpoints":2523,"kind":28,"lastPreviewUrl":29},{"medium":33,"small":32,"xsmall":31},1758562786655,"718153bdabe3414094b0d4ec3c7de705",1758562873907,[],[],{"title":2530,"date":2531,"image":2532,"url":2533},"Who is Scattered Spider? Crypto.com breach and major London cyber attacks the result of crime network","Mon Sep 22 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F684ea0cae41d4f9ea0dded0fd1597fea","https://www.ccn.com/news/technology/who-is-scattered-spider-crypto-com-tfl/",{},"CCN coverage Scattered Spider blog post 9.22.25",1758562873921,{"firstPublished":2538,"folders":2539,"meta":2540,"modelId":1068,"createdDate":2542,"name":2543,"published":13,"data":2544,"id":2549,"createdBy":292,"query":2550,"lastUpdatedBy":292,"variations":2551,"testRatio":23,"lastUpdated":2552,"rev":1081},1758297128886,[],{"kind":28,"lastPreviewUrl":29,"breakpoints":2541},{"medium":33,"small":32,"xsmall":31},1758297056575,"Decipher podcast w/ Adam 9.19.25",{"url":2545,"title":2546,"image":2547,"date":2548},"https://decipher.sc/videos/new-targeted-phishing-attack-trends-with-adam-bateman-of-push-security/","New targeted phishing attack trends with Adam Bateman of Push Security","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ff7fe6fbe4eae4384bdea240c10b6455b","Fri Sep 19 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","caf3a388a71d477089665f72589ddc3a",[],{},1758297128899,{"createdDate":2554,"id":2555,"name":2556,"modelId":1068,"published":13,"meta":2557,"query":2559,"data":2560,"variations":2564,"lastUpdated":2565,"firstPublished":2566,"testRatio":23,"createdBy":25,"lastUpdatedBy":292,"folders":2567,"rev":1081},1758013870880,"45f6c7c9e5334068a73e7410cd2f1e5b","THN 09/15/25",{"kind":28,"lastPreviewUrl":29,"breakpoints":2558},{"xsmall":31,"small":32,"medium":33},[],{"date":2561,"image":1072,"title":2562,"url":2563},"Mon Sep 15 2025 08:00:00 GMT+0100 (British Summer Time)","6 browser-based attacks security teams need to prepare for right now","https://thehackernews.com/2025/09/6-browser-based-attacks-security-teams.html",{},1761346228352,1758013933935,[],{"createdDate":2569,"id":2570,"name":2571,"modelId":1068,"published":13,"meta":2572,"query":2574,"data":2575,"variations":2580,"lastUpdated":2581,"firstPublished":2582,"testRatio":23,"createdBy":292,"lastUpdatedBy":292,"folders":2583,"rev":1081},1757995415465,"2067a743118f4aab8b25eae5d14f7653","ChannelE2E coverage M. Orlando 9.12.25",{"breakpoints":2573,"kind":28,"lastPreviewUrl":29},{"xsmall":31,"small":32,"medium":33},[],{"title":2576,"date":2577,"url":2578,"image":2579},"Changes in the channel: Push Security names Mark Orlando as Field CTO","Fri Sep 12 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.channele2e.com/news/changes-in-the-channel-people-moves-and-shakeups-september-01-september-05","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fa4c417281e1044e784c2f31db77e9cf4",{},1757995547792,1757995547780,[],1784196754463]