[{"data":1,"prerenderedAt":3406},["ShallowReactive",2],{"application-flags":3,"navbar":7,"always-visible-banner":95,"news-index":155,"press-pages":249,"use-case-page":871,"news-items":1887},[4],{"name":5,"enabled":6},"maintenanceMode",false,[8,59,76],{"createdDate":9,"id":10,"name":11,"modelId":12,"published":13,"stageModifiedSincePublish":6,"query":14,"data":15,"variations":50,"lastUpdated":51,"firstPublished":52,"testRatio":33,"createdBy":53,"lastUpdatedBy":53,"folders":54,"meta":55,"rev":58},1742213002749,"efff2a27faf4408e9f908eba4b5542fe","inductive-automation","1c6207a5f24948ab82d4a0b17f251193","published",[],{"testimonial":16,"description":43,"type":19,"link":44,"title":47,"testimonialLink":48,"image":49},{"@type":17,"id":18,"model":19,"value":20},"@builder.io/core:Reference","f028f2b685bb47cd8bf9e82a26dd5a79","testimonial",{"query":21,"folders":22,"createdDate":23,"id":18,"name":24,"modelId":25,"published":13,"data":26,"variations":30,"lastUpdated":31,"firstPublished":32,"testRatio":33,"createdBy":34,"lastUpdatedBy":34,"meta":35,"rev":42},[],[],1735823466309,"We found Push to be more accurate when compared to competitors and the browser agent offered features that others couldn’t match.","42035571a56940ac98bff4544aa79aa5",{"author":27,"jobTitle":28,"quote":24,"image":29},"Jason Waits","\u003Cp>CISO at Inductive Automation\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ff04c0c0689ce4a89ac0f0708d78c0a07",{},1735910703862,1735823501152,1,"ST0tXQM8slWpFrmioqKHmENB2qe2",{"kind":36,"lastPreviewUrl":37,"breakpoints":38,"hasAutosaves":41},"data","",{"small":39,"medium":40},640,768,true,"n0c69wxpcx","Join the industry's top security minds as they break down the browser attack landscape.",{"url":45,"text":46},"https://pushsecurity.com/webinar/state-of-browser-security","Save Your Spot","State of Browser Attacks Series","/customer-stories/inductive-automation","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe94fca10aa7b46ac8052b7ea22de54cd",{},1776257019270,1742221533648,"CydmZnOWU1XuAaLhEDCoYNM4Z8W2",[],{"breakpoints":56,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},320,"brpv9ps5x2",{"createdDate":60,"id":61,"name":62,"modelId":12,"published":13,"query":63,"data":64,"variations":69,"lastUpdated":70,"firstPublished":71,"testRatio":33,"createdBy":53,"lastUpdatedBy":72,"folders":73,"meta":74,"rev":58},1742208588866,"1c7a4e423bf54ac1a328bb4063459ef2","Banner",[],{"type":65,"url":66,"text":67,"link":68},"web-banner","https://pushsecurity.com/resources/browser-attacks-report","Get our latest report analyzing browser attack techniques in 2026",{},{},1774258294825,1742208637545,"jKjF9r5jcvXU8tzZEfFQm31Iyvr2",[],{"kind":36,"lastPreviewUrl":37,"breakpoints":75,"hasAutosaves":41},{"xsmall":57,"small":39,"medium":40},{"createdDate":77,"id":78,"name":79,"modelId":12,"published":13,"stageModifiedSincePublish":6,"query":80,"data":81,"variations":89,"lastUpdated":90,"firstPublished":91,"testRatio":33,"createdBy":53,"lastUpdatedBy":53,"folders":92,"meta":93,"rev":58},1742208469288,"6763051b201f44a0838c6400c580ca67","Resource highlight",[],{"image":82,"type":83,"description":84,"link":85,"title":88},"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7b4a5ebf81d64e8c9d7fc35f6c96c4a9","resource","Learn about the latest techniques being used in the wild.",{"url":86,"text":87},"/resources/browser-attacks-report","Download now","Report: 2026 Browser Attack Techniques",{},1776255866789,1742208570400,[],{"kind":36,"lastPreviewUrl":37,"breakpoints":94,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":96,"id":97,"name":98,"modelId":99,"published":13,"query":100,"data":101,"variations":145,"lastUpdated":146,"firstPublished":147,"testRatio":33,"createdBy":34,"lastUpdatedBy":148,"folders":149,"meta":150,"rev":154},1774965361051,"fd266d0172cc47429be7ad10f48c99ad","always visible banner","0678d178ec8b41efb8a23c09dba7874d",[],{"ctaText":102,"text":103,"url":37,"blocks":104,"state":141},"ewrererw","testrfesssssssssss",[105,129],{"@type":106,"@version":107,"id":108,"component":109,"responsiveStyles":119},"@builder.io/sdk:Element",2,"builder-ca12c06a52de41d7b8743da53118cd38",{"name":110,"tag":110,"options":111,"isRSC":118},"TopBannerContent",{"text":112,"ctaText":46,"url":45,"mainText":113,"cta":116},"New Webinar Series: Join John Hammond, Troy Hunt, and Matt Johansen for the State of Browser Attacks",{"content":114,"fontSize":115},"\u003Cp>New Webinar Series: Join John Hammond, Troy Hunt, and Matt Johansen for the State of Browser Attacks\u003C/p>","text-base",{"content":117,"fontSize":115,"url":45},"\u003Cp>\u003Cstrong style=\"font-weight:700;\">Save Your Spot\u003C/strong>\u003C/p>\n",null,{"large":120},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"marginTop":126,"marginBottom":126,"fontSize":127,"fontWeight":128},"flex","column","relative","0","border-box",".56rem","1.125rem","700",{"id":130,"@type":106,"tagName":131,"properties":132,"responsiveStyles":136},"builder-pixel-dloynz89rbq","img",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},"https://cdn.builder.io/api/v1/pixel?apiKey=f3a1111ff5be48cdbb123cd9f5795a05","true","presentation",{"large":137},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},"block","hidden","none",{"deviceSize":142,"location":143},"large",{"path":37,"query":144},{},{},1775137295127,1774968080803,"ax7YYfD0OCeqT1Vxxv1G4FUbqVr1",[],{"breakpoints":151,"hasLinks":6,"kind":152,"lastPreviewUrl":153,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},"component","https://pushsecurity.com/?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests%2CmergePullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=always-visible-banner&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.always-visible-banner=fd266d0172cc47429be7ad10f48c99ad&builder.overrides.fd266d0172cc47429be7ad10f48c99ad=fd266d0172cc47429be7ad10f48c99ad&builder.options.locale=Default","vvf0k1j1pre",{"createdDate":156,"id":157,"name":158,"modelId":159,"published":13,"query":160,"data":166,"variations":240,"lastUpdated":241,"firstPublished":242,"testRatio":33,"screenshot":243,"createdBy":34,"lastUpdatedBy":148,"folders":244,"meta":245,"rev":248},1745323767748,"9b9c30a396874136b690b67e018af9ce","News base page","606610f7fb9e4e6599108b224bd1f6e6",[161],{"@type":162,"property":163,"operator":164,"value":165},"@builder.io/core:Query","urlPath","is","/news",{"title":158,"themeId":6,"seoTitle":167,"seoDescription":168,"inputs":169,"blocks":170,"url":165,"state":237},"Push Security News","Find all our latest news stories",[],[171,232],{"@type":106,"@version":107,"id":172,"component":173,"responsiveStyles":230},"builder-4d532a941b2c4c97a291fa440110ec51",{"name":174,"tag":174,"options":175,"isRSC":118},"NewsHero",{"newsHero":176,"buttonText":179},{"prefix":177,"type":178,"buttonText":179,"item":180},"Latest news","press release","Read more",{"@type":17,"id":181,"model":182,"value":183},"33f99f60cb084b399cd665ea33353de5","press-pages",{"createdDate":184,"id":181,"name":185,"modelId":186,"published":13,"query":187,"data":190,"variations":218,"lastUpdated":219,"firstPublished":220,"testRatio":33,"screenshot":221,"createdBy":222,"lastUpdatedBy":222,"folders":223,"meta":224,"rev":229},1772643697281,"PR20260305 Push Security Launches Malicious Browser Extension Blocking","f4b8a13df871497bb5e61c4707cfc5e5",[188],{"@type":162,"property":163,"operator":164,"value":189},"/news/push-launches-malicious-browser-extension-blocking",{"inputs":191,"date":192,"seoDescription":193,"seoTitle":194,"title":195,"themeId":6,"image":196,"ogImage":196,"blocks":197,"url":189,"state":215},[],"Thu Mar 05 2026 00:00:00 GMT-0800 (Pacific Standard Time)","New capability enables organizations to detect malicious browser extensions and automatically block them from running in employee browsers.","Push Security Launches Malicious Browser Extension Blocking ","Push Security Launches Malicious Browser Extension Blocking to Stop Emerging Extension-Based Attacks","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F5b1ca78c5ed441cd84c37c33c1db416e",[198,210],{"@type":106,"@version":107,"id":199,"meta":200,"component":202,"responsiveStyles":206},"builder-6427a29f3d3d46189e337e47406433ca",{"previousId":201},"builder-262d880c4939468096ef7b73f4af7ddf",{"name":203,"options":204,"isRSC":118},"Text",{"text":205},"\u003Cp>\u003Cem>New capability enables organizations to detect malicious browser extensions and automatically block them from running in employee browsers.\u003C/em>\u003C/p>\u003Cp>\u003Cstrong>BOSTON — (March 5, 2026) —\u003C/strong> Push Security, a leader in browser-based threat detection and response, today announced new malicious browser extension detection and blocking capabilities within its browser-based security platform. This new feature will enable organizations to automatically block known-bad extensions from running in employee browsers.\u003C/p>\u003Cp>Attackers are increasingly turning to malicious browser extensions as a preferred method of compromise. \u003Ca href=\"https://pushsecurity.com/blog/guide-managing-browser-extensions\" rel=\"noopener noreferrer\" target=\"_blank\">Recent campaigns such as ShadyPanda, ZoomStealer, and GhostPoster\u003C/a>, along with breaches impacting vendors including Cyberhaven and Trust Wallet, highlight the growing risk posed by compromised extensions.\u003C/p>\u003Cp>“Browser extensions represent one of the most under-monitored attack vectors in modern enterprises,” said Jacques Louw, chief product officer at Push Security. “For modern organizations running different operating systems and browsers across their workforce, it’s hard to know what’s running — let alone what is malicious.”&nbsp;\u003C/p>\u003Cp>\u003Cstrong>A growing and miscalculated threat\u003C/strong>\u003C/p>\u003Cp>Nearly every major app now has a browser extension counterpart, alongside thousands of AI overlays, screen recorders, spell checkers, and design tools. The \u003Ca href=\"https://chromewebstore.google.com/\" rel=\"noopener noreferrer\" target=\"_blank\">Chrome Web Store\u003C/a> alone hosts more than 100,000 extensions, making it clear that this is an expanding attack surface that many organizations do not fully understand.\u003C/p>\u003Cp>“Compounding the issue, most malicious extensions do not begin as malicious,” said Louw. “Attackers frequently create initially benign extensions and later push malicious updates, or&nbsp;take over existing extensions with large install bases, by hacking extension devs, or simply by purchasing the extension legitimately. Once a malicious update is deployed, every browser running the extension can be compromised when their browser next updates.”\u003C/p>\u003Cp>“Simply blocking extensions altogether is unrealistic for most organizations,” he continued. “Security teams need visibility and enforcement without disrupting productivity.”\u003C/p>\u003Cp>Extension code is routinely analyzed as part of the extension upload and approval process; however, attackers routinely evade detection using obfuscated and dynamically compiled code. Extensions are often flagged only after malicious activity is observed in the wild and, more frequently, after a breach has occurred. Even when removed from the store, extensions may remain active in user browsers, underlining the importance of being able to detect and block extensions independently of the web store.\u003C/p>\u003Cp>Push’s new capability enables organizations to automatically block known malicious extensions from running in employee browsers, derived from Push’s continuously updated intelligence database of reported malicious extensions. Customers can enforce policies in monitor or block mode via the Push admin console. When a malicious extension is detected, the platform generates severity-based alerts and can automatically disable the extension in affected browsers.\u003C/p>\u003Cp>Beyond blocking known-bad extensions, Push provides real-time visibility into all extensions running across an organization’s workforce, including metadata such as publisher history, permissions, deployment method, and update activity. This enables security teams to seamlessly manage extensions across browsers and operating systems from a single platform, identify risky extensions, implement allowlists or blocklists, and monitor for suspicious changes such as changes in ownership or permissions.\u003C/p>\u003Cp>The new feature expands Push’s browser-based security platform, which also protects against adversary-in-the-middle (AiTM) phishing, credential stuffing, session hijacking, and other browser-native attack techniques.\u003C/p>\u003Cp>\u003Cstrong>Availability\u003C/strong>\u003C/p>\u003Cp>Malicious extension detection and blocking is available now to Push customers. For more information on malicious browser extension blocking, check out today’s \u003Ca href=\"https://pushsecurity.com/blog/guide-managing-browser-extensions\" rel=\"noopener noreferrer\" target=\"_blank\">Push blog post\u003C/a>.\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security brings real-time detection and response to the layer where users work — and where attackers operate, the browser. By deploying a powerful agent inside the browser, Push gives defenders full visibility into user activity, attacker behavior, and session-level risk. It detects threats like phishing kits and session hijacking, enforces protective controls like MFA and SSO, and provides the telemetry security teams need to investigate fast. Think of Push as being like EDR, but in the browser. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":207},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},"normal","auto",{"id":211,"@type":106,"tagName":131,"properties":212,"responsiveStyles":213},"builder-pixel-ss40bqsmnnp",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":214},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":216},{"path":37,"query":217},{},{},1772715805012,1772715804987,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8da3b0deab2e40179352ca6ea264d73e","rGmJFEtPqFbC0o3fwsbG5B9aNv03",[],{"winningTest":118,"kind":225,"breakpoints":226,"originalContentId":227,"hasLinks":6,"lastPreviewUrl":228,"hasAutosaves":6},"page",{"xsmall":57,"small":39,"medium":40},"22e996cafde44614a602b3656627987e","https://pushsecurity.com/news/push-launches-malicious-browser-extension-blocking?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=33f99f60cb084b399cd665ea33353de5&builder.overrides.33f99f60cb084b399cd665ea33353de5=33f99f60cb084b399cd665ea33353de5&builder.overrides.press-pages:/news/push-launches-malicious-browser-extension-blocking=33f99f60cb084b399cd665ea33353de5&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default","oomiqq8w7w",{"large":231},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":233,"@type":106,"tagName":131,"properties":234,"responsiveStyles":235},"builder-pixel-ugti42qkkf",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":236},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":238},{"path":37,"query":239},{},{},1772729085742,1745323833486,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Feb12da6ddba7402c96032148fb1db9f7",[],{"kind":225,"lastPreviewUrl":246,"hasLinks":6,"breakpoints":247,"hasAutosaves":6},"https://pushsecurity.com/news?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=news-index&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.news-index=9b9c30a396874136b690b67e018af9ce&builder.overrides.9b9c30a396874136b690b67e018af9ce=9b9c30a396874136b690b67e018af9ce&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},"l58jhky3bo",[250,275,313,347,384,419,456,491,536,581,618,662,705,749,791,832],{"createdDate":184,"id":181,"name":185,"modelId":186,"published":13,"query":251,"data":253,"variations":270,"lastUpdated":219,"firstPublished":220,"testRatio":33,"screenshot":221,"createdBy":222,"lastUpdatedBy":222,"folders":271,"meta":272,"rev":274},[252],{"@type":162,"property":163,"operator":164,"value":189},{"inputs":254,"date":192,"seoDescription":193,"seoTitle":194,"title":195,"themeId":6,"image":196,"ogImage":196,"blocks":255,"url":189,"state":267},[],[256,262],{"@type":106,"@version":107,"id":199,"meta":257,"component":258,"responsiveStyles":260},{"previousId":201},{"name":203,"options":259,"isRSC":118},{"text":205},{"large":261},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":263,"@type":106,"tagName":131,"properties":264,"responsiveStyles":265},"builder-pixel-t4llxnsv6i9",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":266},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":268},{"path":37,"query":269},{},{},[],{"winningTest":118,"kind":225,"breakpoints":273,"originalContentId":227,"hasLinks":6,"lastPreviewUrl":228,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},"w5r5wulptxo",{"createdDate":276,"id":227,"name":277,"modelId":186,"published":13,"query":278,"data":281,"variations":304,"lastUpdated":305,"firstPublished":306,"testRatio":33,"screenshot":307,"createdBy":222,"lastUpdatedBy":222,"folders":308,"meta":309,"rev":274},1765824936505,"PR20251217 Push Security Launches ClickFix Detection",[279],{"@type":162,"property":163,"operator":164,"value":280},"/news/push-launches-ClickFix-detection",{"seoTitle":282,"seoDescription":283,"themeId":6,"image":284,"title":285,"ogImage":284,"date":286,"blocks":287,"url":280,"state":301},"Push Security Launches ClickFix Detection","New feature detects and blocks one of the fastest-growing cyberattack techniques at the source, protecting users before malware is delivered or their account is compromised","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fafa37d63972243219857c6cbb4b28ab7","Push Security Launches Malicious Copy-and-Paste Detection to Stop ClickFix Attacks in the Browser","Wed Dec 17 2025 00:00:00 GMT-0800 (Pacific Standard Time)",[288,296],{"@type":106,"@version":107,"id":201,"meta":289,"component":291,"responsiveStyles":294},{"previousId":290},"builder-32ec389f723e4e5492cdf8edd28e2f2e",{"name":203,"options":292,"isRSC":118},{"text":293},"\u003Cp>\u003Cem>New feature detects and blocks one of the fastest-growing cyberattack techniques at the source, protecting users before malware is delivered or their account is compromised\u003C/em>\u003C/p>\u003Cp>\u003Cstrong>BOSTON — Dec. 17, 2025 —\u003C/strong> Push Security, a leader in browser-based detection and response, today announced the release of a new feature designed to tackle one of the fastest-growing cyber threats: ClickFix-style attacks. The company’s latest innovation, malicious copy-and-paste detection, blocks users from copying malicious scripts in their web browser — preventing them from being run on machines, and cutting off attackers at the earliest opportunity.\u003C/p>\u003Cp>Push Security’s malicious copy-and-paste detection identifies and blocks the exact user action that makes ClickFix possible. By monitoring copy events in the browser, Push can distinguish legitimate activity, such as code copied from GitHub or SIEM tools, from malicious scripts. This approach ensures high-fidelity alerts and minimal false positives without disrupting employee workflows or productivity.\u003C/p>\u003Cp>“ClickFix is now one of the most effective ways attackers have at their disposal to steal&nbsp;business data and disrupt operations,” said Jacques Louw, chief product officer at Push Security. “Existing email and network security tools struggle to detect it during delivery, and endpoint controls are being routinely bypassed during execution. Our new feature changes the game by stopping these attacks right where they start: in the browser.”\u003C/p>\u003Cp>\u003Ca href=\"https://www.microsoft.com/en-us/security/blog/2025/08/21/think-before-you-clickfix-analyzing-the-clickfix-social-engineering-technique/\" rel=\"noopener noreferrer\" target=\"_blank\">ClickFix\u003C/a>, also known as fake CAPTCHA attacks with variants like FileFix, has rapidly become a go-to technique for cybercriminals. Reports show a \u003Ca href=\"https://www.scworld.com/news/clickfix-phishing-links-increased-nearly-400-in-12-months-report-says\" rel=\"noopener noreferrer\" target=\"_blank\">400% year-over-year increase\u003C/a> in ClickFix attacks, with a separate study citing a \u003Ca href=\"https://web-assets.esetstatic.com/wls/en/papers/threat-reports/eset-threat-report-h12025.pdf\" rel=\"noopener noreferrer\" target=\"_blank\">517% surge\u003C/a> in just the last six months. The attack method is frequently leveraged by groups such as \u003Ca href=\"https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-203a\" rel=\"noopener noreferrer\" target=\"_blank\">Interlock ransomware\u003C/a> and has been linked to several high-profile enterprise breaches in a variety of industries including financial services, healthcare, and retail as well as state and local government.&nbsp;\u003C/p>\u003Cp>Unlike traditional phishing, ClickFix attacks manipulate victims into copying malicious code from a fake web challenge, such as a CAPTCHA or “page error,” and running it locally. From there, attackers deliver malware, steal credentials and session cookies, and often deploy ransomware for double extortion.\u003C/p>\u003Cp>“We see attack techniques like ClickFix evolve faster than traditional defenses can keep up. So for us, it is key to study attacker behavior in depth and design protections around the actions they can’t avoid,” said Louw. “This research-driven approach allows us to deliver practical, universally effective controls that other vendors often overlook, and it’s what we believe sets us apart as a true innovator in browser security.”\u003C/p>\u003Cp>Key benefits of Push’s malicious copy-and-paste detection include:\u003C/p>\u003Cul>\u003Cli>Universal protection: Effective across all ClickFix variants, regardless of lure type, delivery channel, or malware payload.\u003C/li>\u003Cli>Seamless user experience: Unlike heavy-handed endpoint or DLP controls, Push protects without blocking legitimate copy-paste activity.\u003C/li>\u003Cli>Early intervention: Stops attackers before malware delivery, rather than relying on endpoint detection after the fact.\u003C/li>\u003C/ul>\u003Cp>This new feature adds another layer to Push Security’s browser-based defense platform, which already protects organizations against phishing, session hijacking, credential stuffing, malicious browser extensions, malicious OAuth integrations, and other browser-based attacks.\u003C/p>\u003Cp>For a demo of the feature in action, \u003Ca href=\"https://youtu.be/u28oeQuMRWU\" rel=\"noopener noreferrer\" target=\"_blank\">watch this video\u003C/a>.\u003C/p>\u003Cp>In addition, the research team’s continued deep dive into ClickFix also led to the discovery last week of a new ClickFix-style technique it has since dubbed “ConsentFix.” This new browser-based attack takes over user accounts with a simple copy and paste. If a user is already logged into the app in their browser, they don’t even need to supply credentials, or pass an MFA check — meaning it effectively circumvents phishing-resistant auth like passkeys too. The team has issued a detailed report on ConsentFix and how to protect against it on the \u003Ca href=\"https://pushsecurity.com/blog/consentfix/\" rel=\"noopener noreferrer\" target=\"_blank\">Push Security blog\u003C/a>.\u003C/p>\u003Cp>To learn more about how Push Security protects organizations against browser-based attacks, visit the \u003Ca href=\"https://pushsecurity.com/uc/clickfix-protection\" rel=\"noopener noreferrer\" target=\"_blank\">ClickFix protection section of the website\u003C/a> or book a \u003Ca href=\"https://pushsecurity.com/demo/\" rel=\"noopener noreferrer\" target=\"_blank\">live demo\u003C/a> with the Push team.\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security brings real-time detection and response to the layer where users work — and where attackers operate, the browser. By deploying a powerful agent inside the browser, Push gives defenders full visibility into user activity, attacker behavior, and session-level risk. It detects threats like phishing kits and session hijacking, enforces protective controls like MFA and SSO, and provides the telemetry security teams need to investigate fast. Think of Push as being like EDR, but in the browser. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":295},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":297,"@type":106,"tagName":131,"properties":298,"responsiveStyles":299},"builder-pixel-lyktsp3ah0i",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":300},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":302},{"path":37,"query":303},{},{},1765983222674,1765978282681,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fd11cfb002f2e458fb2f0ccc139fce8af",[],{"originalContentId":310,"kind":225,"winningTest":118,"hasLinks":6,"breakpoints":311,"lastPreviewUrl":312,"hasAutosaves":41},"178c7886571d480096239b9e63b5528e",{"xsmall":57,"small":39,"medium":40},"https://pushsecurity.com/news/push-launches-ClickFix-detection?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=22e996cafde44614a602b3656627987e&builder.overrides.22e996cafde44614a602b3656627987e=22e996cafde44614a602b3656627987e&builder.overrides.press-pages:/news/push-launches-ClickFix-detection=22e996cafde44614a602b3656627987e&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"createdDate":314,"id":310,"name":315,"modelId":186,"published":13,"query":316,"data":319,"variations":339,"lastUpdated":340,"firstPublished":341,"testRatio":33,"screenshot":342,"createdBy":222,"lastUpdatedBy":222,"folders":343,"meta":344,"rev":274},1765392005379,"PR20251211 Push Identifies ConsentFix",[317],{"@type":162,"property":163,"operator":164,"value":318},"/news/push-identifies-consent-fix",{"themeId":6,"ogImage":196,"seoDescription":320,"date":321,"title":322,"image":284,"seoTitle":323,"blocks":324,"url":318,"state":336},"ClickFix-style attack hijacks OAuth consent grants to take over Microsoft accounts, bypassing passwords, passkeys and MFA","Thu Dec 11 2025 00:00:00 GMT-0800 (Pacific Standard Time)","Push Security Uncovers “ConsentFix”: A New Class of Browser-Native Phishing Attack","Push Security Identifies \"ConsentFix\", New In-Browser Phishing Attack",[325,331],{"@type":106,"@version":107,"id":290,"component":326,"responsiveStyles":329},{"name":203,"options":327,"isRSC":118},{"text":328},"\u003Cp>\u003Cem>ClickFix-style attack hijacks OAuth consent grants to take over Microsoft accounts, bypassing passwords, passkeys and MFA\u003C/em>\u003C/p>\u003Cp>\u003Cstrong>\u003Cem>\u003Cspan class=\"ql-cursor\">﻿\u003C/span>\u003C/em>\u003C/strong>LONDON, BLACK HAT, EUROPE — Dec. 11, 2025 — (Booth #305) Push Security, a leader in browser-based detection and response, today announced the discovery of a new class of phishing attack that enables Microsoft account takeover simply by copy-and-pasting a URL.&nbsp;\u003C/p>\u003Cp>Dubbed “ConsentFix” by Push Security researchers, this browser-based phishing attack enables full account takeover without ever capturing a password or triggering MFA, marking a significant evolution in phishing techniques. Push researchers detected and blocked the attack across multiple Push customers, demonstrating that this new technique is already being used in the wild.\u003C/p>\u003Cp>ConsentFix is best understood as a browser-native ClickFix attack that leads to the compromise of an OAuth token on a target application, in this case, Microsoft. The attack detected by Push sees the victim tricked into logging into Azure CLI, by generating an OAuth authorization code — visible in a localhost URL — and then pasting that URL, including the code, into the phishing page.\u003C/p>\u003Cp>This new technique demonstrates the fast-evolving threat landscape. This year, ClickFix attacks were one of the fastest growing attack types. In fact, \u003Ca href=\"https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/msc/documents/presentations/CSR/Microsoft-Digital-Defense-Report-2025.pdf#page=1\" rel=\"noopener noreferrer\" target=\"_blank\">according to Microsoft 47% of attacks started with ClickFix\u003C/a> in the last year, while OAuth consent grants were widely abused by attackers like \u003Ca href=\"https://pushsecurity.com/blog/scattered-lapsus-hunters/\" rel=\"noopener noreferrer\" target=\"_blank\">Scattered Lapsus$ Hunters\u003C/a> in the campaign against Salesforce customers. But attackers have already iterated on these successful techniques with ConsentFix, combining the effective social engineering of ClickFix with OAuth abuse.&nbsp;\u003C/p>\u003Cp>This is a significant challenge for security teams for a number of reasons:\u003C/p>\u003Cul>\u003Cli>There’s no login required, therefore phishing-resistant authentication controls like passkeys have no impact on this attack.\u003C/li>\u003Cli>The attack happens entirely inside the browser context, removing one of the key detection opportunities for ClickFix attacks because it doesn’t touch the endpoint.\u003C/li>\u003Cli>Delivering the lure via Google Search completely circumvents email-based anti-phishing controls.\u003C/li>\u003Cli>Targeting a first-party app like Azure CLI means that many of the controls available for restricting and blocking third-party app integrations do not apply.\u003C/li>\u003Cli>The use of advanced detection evasion techniques makes this attack difficult to investigate, meaning these attacks are going undetected.&nbsp;\u003C/li>\u003C/ul>\u003Cp>“This technique is incredibly sophisticated,” said Jacques Louw, chief product officer at Push Security. “Not only is it technically designed to evade detection and bypass protective identity controls, it’s something that users aren’t necessarily trained to be on guard against. They don’t need to give their credentials or MFA codes away — they’re just pasting a URL.”\u003C/p>\u003Cp>\u003Cstrong>Copy-and-Paste to Full Access: How ConsentFix Works\u003C/strong>\u003C/p>\u003Cp>In the ConsentFix attacks observed by Push, victims were funneled through Google Search to compromised but reputable websites injected with a fake Cloudflare Turnstile challenge.&nbsp;\u003C/p>\u003Cp>After entering a valid corporate email, victims were then prompted to click a “Sign In” button that directs to a legitimate Microsoft page. If the victim is already logged into Microsoft in their browser, no further login is required and they are redirected to a localhost URL containing an OAuth authorization code for their Microsoft account. The final step was simply to paste that URL back into the original page, completing the malicious consent grant.&nbsp;\u003C/p>\u003Cp>Push researchers warn that attackers specifically targeted Microsoft Azure CLI, a first-party application implicitly trusted across Entra ID tenants. Unlike third-party OAuth apps, Azure CLI:\u003C/p>\u003Cul>\u003Cli>Cannot be blocked or deleted\u003C/li>\u003Cli>Can request powerful permissions without admin approval\u003C/li>\u003Cli>Is allowed to use internal or undocumented Graph scopes\u003C/li>\u003Cli>Is exempt from many tenant-level consent restrictions\u003C/li>\u003C/ul>\u003Cp>This makes it an exceptionally valuable target — and significantly limits available preventative controls.\u003C/p>\u003Cp>“ConsentFix completely sidesteps the traditional defenses that companies rely on,” said Louw. “The lure comes through Google Search, the pages are designed to evade detection, and it exploits a trusted first-party app that you can’t restrict. It’s a huge challenge for security teams.”\u003C/p>\u003Cp>\u003Cstrong>Detection Guidance\u003C/strong>\u003C/p>\u003Cp>Push warns that attackers are likely to integrate ConsentFix into phishing kits, broadening access and expanding beyond Microsoft targets to other cloud ecosystems. For now, organizations should monitor for unusual Azure CLI login events, especially for standard users.\u003C/p>\u003Cp>Since the attacker is intentionally leveraging legacy scopes to evade detection, organizations should ensure that AADGraphActivityLogs is enabled and monitored to be able to search for unusual activity such as AD enumeration.\u003C/p>\u003Cp>For more details about how ConsentFix works and security recommendations, check out the full research report on the \u003Ca href=\"https://pushsecurity.com/blog/consentfix\" rel=\"noopener noreferrer\" target=\"_blank\">Push Security blog\u003C/a> or visit the team at Black Hat Europe this week in London at booth #305.\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security brings real-time detection and response to the layer where users work — and where attackers operate, the browser. By deploying a powerful agent inside the browser, Push gives defenders full visibility into user activity, attacker behavior, and session-level risk. It detects threats like phishing kits and session hijacking, enforces protective controls like MFA and SSO, and provides the telemetry security teams need to investigate fast. Think of Push as being like EDR, but in the browser. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":330},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":332,"@type":106,"tagName":131,"properties":333,"responsiveStyles":334},"builder-pixel-slq1kxxw2nf",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":335},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":337},{"path":37,"query":338},{},{},1765469768653,1765462282867,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ffcc20640ded6428ead1ec5613104d412",[],{"hasLinks":6,"kind":225,"breakpoints":345,"lastPreviewUrl":346,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},"https://pushsecurity.com/news/push-identifies-consent-fix?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=178c7886571d480096239b9e63b5528e&builder.overrides.178c7886571d480096239b9e63b5528e=178c7886571d480096239b9e63b5528e&builder.overrides.press-pages:/news/push-identifies-consent-fix=178c7886571d480096239b9e63b5528e&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"createdDate":348,"id":349,"name":350,"modelId":186,"published":13,"query":351,"data":354,"variations":376,"lastUpdated":377,"firstPublished":378,"testRatio":33,"screenshot":379,"createdBy":222,"lastUpdatedBy":222,"folders":380,"meta":381,"rev":274},1761751202674,"173e91572a2f465da724069aeffeeda5","PR20251030 LinkedIn Phishing Campaign",[352],{"@type":162,"property":163,"operator":164,"value":353},"/news/push-security-identifies-linkedin-phishing-campaign",{"seoTitle":355,"image":356,"date":357,"seoDescription":358,"themeId":6,"title":359,"blocks":360,"url":353,"state":373},"Push Security Sees Increase in Sophisticated LinkedIn-based Phishing Campaigns","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb48d2f175ee84d8d9cf50c519fdf25d3","Thu Oct 30 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","Push Security finds attackers are increasingly chaining legitimate Google and Microsoft services to mask phishing lures, bypassing traditional detection methods","Push Security Identifies Surge in Sophisticated LinkedIn-based Phishing Campaigns",[361,368],{"@type":106,"@version":107,"id":362,"component":363,"responsiveStyles":366},"builder-bfe77aa6bb5c43cfb4eeebd21e77f6a8",{"name":203,"options":364,"isRSC":118},{"text":365},"\u003Cp>\u003Cem>Attackers are increasingly chaining legitimate Google and Microsoft services to mask phishing lures, bypassing traditional detection methods\u003C/em>\u003C/p>\u003Cp>BOSTON — Oct. 30, 2025 — Push Security, a leader in browser-based detection and response, today announced the \u003Ca href=\"https://pushsecurity.com/blog/new-phishing-campaign-identified-targeting-linkedin-users\" rel=\"noopener noreferrer\" target=\"_blank\">discovery of a LinkedIn-based phishing campaign \u003C/a>that reflects a broader and accelerating trend: attackers are moving beyond email to target business users through social platforms like LinkedIn, while leveraging legitimate cloud services to disguise their attacks.\u003C/p>\u003Cp>In this latest campaign, intercepted by Push’s browser-native security platform, the attackers used a complex series of redirects through trusted Google and Microsoft services — including Google Search, Firebase, and Microsoft Dynamics — before landing victims on a credential-stealing page impersonating Microsoft.\u003C/p>\u003Cp>“Phishing attacks are no longer confined to the inbox,” said Adam Bateman, CEO of Push Security. “Attackers are meeting employees everywhere they work and communicate — including apps like LinkedIn — and they’re hiding in plain sight behind trusted domains that traditional defenses are programmed to ignore.”\u003C/p>\u003Cp>\u003Cstrong>A Growing Trend: LinkedIn as a Phishing Channel\u003C/strong>\u003C/p>\u003Cp>Push’s researchers have observed a sharp increase in phishing lures sent through **LinkedIn direct messages, exploiting the fact that the platform is widely used for legitimate professional outreach but falls outside the visibility of traditional enterprise email security tools. This is the \u003Ca href=\"https://pushsecurity.com/blog/how-push-stopped-a-high-risk-linkedin-spear-phishing-attack/\" rel=\"noopener noreferrer\" target=\"_blank\">second LinkedIn-targeted campaign\u003C/a> identified by Push in recent months, suggesting that attackers are increasingly viewing the platform as a reliable route to reach high-value targets such as executives, sales leaders, and hiring managers.\u003C/p>\u003Cp>Because LinkedIn sits outside enterprise phishing filters and other traditional cybersecurity solutions, attackers are able to initiate contact, send malicious links, and socially engineer victims with fewer barriers,” said Jacques Louw, chief product officer at Push Security. “The result is a blind spot in enterprise visibility and control, leaving employees exposed even on devices managed by corporate IT.\u003C/p>\u003Cp>\u003Cstrong>Legitimate Services Used to Evade Detection\u003C/strong>\u003C/p>\u003Cp>In this campaign, the attackers used a multi-layered redirect chain involving legitimate cloud services — such as Google Sites, Google Search, Firebase, and Microsoft Dynamics — to mask the destination of malicious links. By embedding redirects through reputable domains, attackers can dramatically reduce the likelihood of their links being flagged or blocked by automated tools.\u003C/p>\u003Cp>Attackers also deployed \u003Ca href=\"https://www.cloudflare.com/application-services/products/turnstile/\" rel=\"noopener noreferrer\" target=\"_blank\">Cloudflare Turnstile bot protection\u003C/a> to prevent automated analysis of their phishing sites, and used page obfuscation techniques — randomizing visual elements, titles, and code structures — to defeat detection signatures.\u003C/p>\u003Cp>“These tactics are becoming increasingly common in the phishing ecosystem and reflect just how well attackers understand how modern defenses operate,” said Louw. “We’re seeing adversaries take advantage of the trust placed in legitimate services like Google and Microsoft to build redirect chains that hide their activity. This level of sophistication means phishing is becoming increasingly difficult to detect and stop for most organizations.”\u003C/p>\u003Cp>\u003Cstrong>From LinkedIn Chat to Credential Theft\u003C/strong>\u003C/p>\u003Cp>The attack sequence began with a LinkedIn direct message containing a seemingly benign link. After a series of redirects through legitimate platforms, the victim was presented with a Microsoft-branded “view document” page protected by a Cloudflare Turnstile challenge. Once completed, the victim was served an adversary-in-the-middle (AiTM) phishing page designed to steal the user’s Microsoft session, bypassing controls like MFA.\u003C/p>\u003Cp>The rise of social media–delivered phishing campaigns underscores a broader shift in attacker strategy. As defenses around corporate email improve, adversaries are turning to less-guarded communication channels — and coupling them with legitimate cloud services — to maximize reach and minimize detection.\u003C/p>\u003Cp>Push researchers expect this trend to continue, with future phishing operations blending across channels and platforms that sit outside traditional enterprise security visibility.\u003C/p>\u003Cp>\u003Cstrong>Push Security’s Advantage: Real-Time, Browser-Based Detection\u003C/strong>\u003C/p>\u003Cp>Push Security detected and blocked the attack in real time by identifying the malicious activity in the user’s browser session—where the attack actually unfolds—rather than relying on URL reputation, email scanning, or threat intelligence feeds.\u003C/p>\u003Cp>“These campaigns show how attackers are bypassing every traditional control point — email gateways, link scanners, domain filters — by abusing the same trusted tools that enterprises rely on,” said Louw. “Push protects users in real-time in the browser, no matter how or where malicious content reaches the user.”\u003C/p>\u003Cp>Push’s browser-native platform identifies and blocks a wide range of browser-based attacks, including AiTM phishing, credential stuffing, session hijacking, and password reuse. Beyond detection, Push also helps organizations harden their identity attack surface by uncovering security gaps such as unmanaged logins, weak MFA coverage, and risky OAuth integrations.\u003C/p>\u003Cp>For more details on this campaign, check out our \u003Ca href=\"https://pushsecurity.com/blog/new-phishing-campaign-identified-targeting-linkedin-users\" rel=\"noopener noreferrer\" target=\"_blank\">research blog post here\u003C/a>.\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security brings real-time detection and response to the layer where users work — and where attackers operate, the browser. By deploying a powerful agent inside the browser, Push gives defenders full visibility into user activity, attacker behavior, and session-level risk. It detects threats like phishing kits and session hijacking, enforces protective controls like MFA and SSO, and provides the telemetry security teams need to investigate fast. Think of Push as being like EDR, but in the browser. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",{"large":367},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":369,"@type":106,"tagName":131,"properties":370,"responsiveStyles":371},"builder-pixel-c57788y8ed9",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":372},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":374},{"path":37,"query":375},{},{},1761825760389,1761825760362,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fd2799290b7d84cd7a2764fc616f755f4",[],{"lastPreviewUrl":382,"breakpoints":383,"hasLinks":6,"kind":225,"hasAutosaves":6},"https://pushsecurity.com/news/push-security-identifies-linkedin-phishing-campaign?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=173e91572a2f465da724069aeffeeda5&builder.overrides.173e91572a2f465da724069aeffeeda5=173e91572a2f465da724069aeffeeda5&builder.overrides.press-pages:/news/push-security-identifies-linkedin-phishing-campaign=173e91572a2f465da724069aeffeeda5&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},{"createdDate":385,"id":386,"name":387,"modelId":186,"published":13,"query":388,"data":391,"variations":411,"lastUpdated":412,"firstPublished":413,"testRatio":33,"screenshot":414,"createdBy":222,"lastUpdatedBy":148,"folders":415,"meta":416,"rev":274},1761580246694,"a5634c88296f4fa0b457871431d30bb9","PR20251028 Push Security Guidepoint Partnership",[389],{"@type":162,"property":163,"operator":164,"value":390},"/news/push-security-guidepoint-strategic-partnership",{"seoDescription":392,"date":393,"seoTitle":394,"themeId":6,"image":284,"title":394,"blocks":395,"url":390,"state":408},"Push Security and GuidePoint Security Announces Strategic Partnership with Guidepoint Security","Tue Oct 28 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","Push Security and GuidePoint Security Announce Strategic Partnership to Bring Browser-Based Defense to Customers",[396,403],{"@type":106,"@version":107,"id":397,"component":398,"responsiveStyles":401},"builder-cbdafed7512e4ab6b2debd1e83af1f90",{"name":203,"options":399,"isRSC":118},{"text":400},"\u003Cp>\u003Cem>New partnership brings real-time detection and response to the browser for GuidePoint customers&nbsp;\u003C/em>\u003C/p>\u003Cp>BOSTON – Oct. 28, 2025 – \u003Ca href=\"https://www.pushsecurity.com\" rel=\"noopener noreferrer\" target=\"_blank\">Push Security\u003C/a>, a leader in browser-based detection and response, today announced a strategic reseller partnership with \u003Ca href=\"http://www.guidepointsecurity.com\" rel=\"noopener noreferrer\" target=\"_blank\">GuidePoint Security\u003C/a>, the leading cybersecurity solution provider that helps organizations make better decisions that minimize risk. Through this partnership, GuidePoint customers will have access to real-time detection, response, and protection through the browser against modern threats such as phishing, session hijacking, and malicious browser extensions.\u003C/p>\u003Cp>The browser has become the new endpoint, where employees log into cloud apps, move data, build products, and interact with customers. While traditional security tools still focus on endpoints and networks, the browser remains a blind spot: full of risk, but largely unmonitored.\u003C/p>\u003Cp>\"The browser is where work happens and attackers operate, making it the new security battleground,\" said Bryan Wallace, vice president of global partnerships at Push Security. \"Our partnership with GuidePoint Security puts advanced, browser-based detection and response in the hands of more security teams, helping them spot threats faster and act before any damage is done.”\u003C/p>\u003Cp>The Push platform gives defenders full visibility into user activity, attacker behavior, and session-level risk, while enforcing protective controls like MFA and SSO. Push Security works in any modern browser, deploys in minutes, and integrates seamlessly with existing stacks — making it accessible to security teams of any size. And because it was built by a team with deep offensive security expertise, the platform is designed with an attacker’s perspective in mind — ensuring defenses that reflect how real threats unfold in the browser.\u003C/p>\u003Cp>“Attackers are innovating quickly, and security teams need tools built with an attacker’s mindset in order to keep up,\" said Justin Iwaniszyn, director, new and emerging alliances at GuidePoint Security. \"Our partnership with Push enables our customers to improve visibility and better detect, secure and respond to browser threats in real time.”\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security brings real-time detection and response to the layer where users work — and where attackers operate, the browser. By deploying a powerful agent inside the browser, Push gives defenders full visibility into user activity, attacker behavior, and session-level risk. It detects threats like phishing kits and session hijacking, enforces protective controls like MFA and SSO, and provides the telemetry security teams need to investigate fast. Think of Push as being like EDR, but in the browser. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":402},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":404,"@type":106,"tagName":131,"properties":405,"responsiveStyles":406},"builder-pixel-dvay1odwuvf",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":407},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":409},{"path":37,"query":410},{},{},1774024054044,1761653104382,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7d7c8795e34c47488024a7b665c81669",[],{"hasLinks":6,"lastPreviewUrl":417,"breakpoints":418,"kind":225,"hasAutosaves":6},"https://pushsecurity.com/news/push-security-guidepoint-strategic-partnership?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests%2CmergePullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=a5634c88296f4fa0b457871431d30bb9&builder.overrides.a5634c88296f4fa0b457871431d30bb9=a5634c88296f4fa0b457871431d30bb9&builder.overrides.press-pages:/news/push-security-guidepoint-strategic-partnership=a5634c88296f4fa0b457871431d30bb9&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},{"createdDate":420,"id":421,"name":422,"modelId":186,"published":13,"meta":423,"query":426,"data":429,"variations":451,"lastUpdated":452,"firstPublished":453,"testRatio":33,"screenshot":454,"createdBy":222,"lastUpdatedBy":222,"folders":455,"rev":274},1757084000011,"7a6162b6b88948fea751108cf7b9be94","PR20250909 Push Security Welcomes Mark-Orlando Field-CTO",{"kind":225,"hasLinks":6,"lastPreviewUrl":424,"breakpoints":425},"https://pushsecurity.com/news/push-security-welcomes-mark-orlando-field-cto?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=7a6162b6b88948fea751108cf7b9be94&builder.overrides.7a6162b6b88948fea751108cf7b9be94=7a6162b6b88948fea751108cf7b9be94&builder.overrides.press-pages:/news/push-security-welcomes-mark-orlando-field-cto=7a6162b6b88948fea751108cf7b9be94&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},[427],{"@type":162,"property":163,"operator":164,"value":428},"/news/push-security-welcomes-mark-orlando-field-cto",{"image":430,"seoDescription":431,"themeId":6,"date":432,"title":433,"seoTitle":434,"blocks":435,"url":428,"state":448},"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F9741878f0ea747c38ae9fbbc949003c8","Mark Orlando joins Push Security as new Field CTO","Tue Sep 09 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","Push Security Welcomes Veteran Cybersecurity Leader and SANS Instructor Mark Orlando as Field CTO","Push Security Welcomes New Field CTO",[436,443],{"@type":106,"@version":107,"id":437,"component":438,"responsiveStyles":441},"builder-c51756c656f841549d24adbb706ab0c9",{"name":203,"options":439,"isRSC":118},{"text":440},"\u003Cp>\u003Cem>Orlando brings two decades of security operations experience to advance Push’s mission of closing the browser blind spot for defenders\u003C/em>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>BOSTON — Sept. 9, 2025 — Push Security, a leader in browser-based detection and response, today announced the appointment of Mark Orlando as field chief technology officer (CTO). A lifelong defender, educator, and innovator in security operations, Orlando joins Push to help advance its mission to bring research-led detection and response to the browser — the new frontier for attackers.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>With more than 20 years of experience building and leading security operations at the Pentagon, the White House, the Department of Energy, and Fortune 500 enterprises, Orlando will help guide Push Security’s strategy as it redefines how organizations bring active security to the browser.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Everywhere I’ve worked, from government to the private sector, I’ve seen the same challenge: defenders trying to protect users where they actually work,” said Orlando. “Today, that’s the browser. It’s where attackers are targeting, and where security teams need to be. Push Security is one of the first companies I’ve seen that gets this right, and that’s why I’m here.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>In his new role, Orlando will serve as a bridge between practitioners and Push’s research-driven product innovation, ensuring that Push’s platform addresses the realities of today’s enterprise environment.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Mark embodies the defender’s mindset—he’s built teams from the ground up, taught thousands of students as a SANS instructor, and led security at the highest levels,” said Adam Bateman, CEO of Push Security. “His perspective and credibility will help us scale Push’s impact and ensure defenders can meet attackers where they are—inside the browser.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Orlando began his career as a SOC analyst and has since built and led security teams at some of the most sensitive and high-profile organizations in the world. Before joining Push, he co-founded Bionic Cyber, where he advised enterprises on building and scaling cyber defense capabilities. He also previously served as CTO of Raytheon Cyber where he defined technical strategy for consulting services, managed services, and strategic accounts worldwide.&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Orlando is currently a SANS Certified Instructor and co-author of \u003Cem>LDR551: Building and Leading Security Operations Centers\u003C/em>, and instructor for \u003Cem>SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations\u003C/em>, and he served in the U.S. Marine Corps as an Artillery Non-Commissioned Officer. His expertise has been featured at RSA, Black Hat, DefCon, and in leading publications including \u003Cem>The New York Times, The Washington Post,\u003C/em> and \u003Cem>Bloomberg. \u003C/em>He actively shares his thoughts on the current state of cybersecurity news on his \u003Cem>Cybersecurity Leadership Weekly\u003C/em> substack: \u003Ca href=\"https://markaorlando.substack.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://markaorlando.substack.com/\u003C/a>.&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security brings real-time detection and response to the layer where users work — and where attackers operate, the browser. By deploying a powerful agent inside the browser, Push gives defenders full visibility into user activity, attacker behavior, and session-level risk. It detects threats like phishing kits and session hijacking, enforces protective controls like MFA and SSO, and provides the telemetry security teams need to investigate fast. Think of Push as being like EDR, but in the browser. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":442},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":444,"@type":106,"tagName":131,"properties":445,"responsiveStyles":446},"builder-pixel-csid85ydkdw",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":447},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":449},{"path":37,"query":450},{},{},1760628630525,1757414970024,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F4a766dc458cb42b496b662ae92981017",[],{"createdDate":457,"id":458,"name":459,"modelId":186,"published":13,"meta":460,"query":463,"data":466,"variations":486,"lastUpdated":487,"firstPublished":488,"testRatio":33,"screenshot":489,"createdBy":222,"lastUpdatedBy":222,"folders":490,"rev":274},1754332549627,"3697d97cfe1743f69bb1bcb3d37f1d6f","PR20250806 Push Security Launches Phishing Techniques Matrix",{"kind":225,"hasLinks":6,"lastPreviewUrl":461,"breakpoints":462},"https://app.dev.pushsecurity.com/news/pr-20250806-push-security-launches-phishing-detection-evasion-techniques-matrix?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=3697d97cfe1743f69bb1bcb3d37f1d6f&builder.overrides.3697d97cfe1743f69bb1bcb3d37f1d6f=3697d97cfe1743f69bb1bcb3d37f1d6f&builder.overrides.press-pages:/news/pr-20250806-push-security-launches-phishing-detection-evasion-techniques-matrix=3697d97cfe1743f69bb1bcb3d37f1d6f&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},[464],{"@type":162,"property":163,"operator":164,"value":465},"/news/pr-20250806-push-security-launches-phishing-detection-evasion-techniques-matrix",{"seoDescription":467,"seoTitle":468,"themeId":6,"image":356,"title":468,"date":469,"blocks":470,"url":465,"state":483},"Push Security releases new framework for phishing detection evasion methods","Push Security Launches Phishing Detection Evasion Techniques Matrix to Help Security Teams Pinpoint Detection Gaps","Wed Aug 06 2025 09:00:00 GMT-0700 (Pacific Daylight Time)",[471,478],{"@type":106,"@version":107,"id":472,"component":473,"responsiveStyles":476},"builder-5eabcac725d443958e7606547fdf44a3",{"name":203,"options":474,"isRSC":118},{"text":475},"\u003Cp>\u003Cem>New open source framework maps the latest generation of real-world phishing techniques, revealing how attackers bypass identity providers and evade traditional defenses \u003C/em>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>LAS VEGAS, BLACK HAT, USA&nbsp; – Aug. 6, 2025 – (Booth #2057) Push Security, a leader in browser-based detection and response, today published its Phishing Detection Evasion Techniques matrix, offering a new view into the way that modern phishing attacks function, and how they’re being used to evade classic detection controls.&nbsp;&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Modern phishing attacks are routinely bypassing traditional email and network-based phishing defenses. Attackers are using alternative delivery methods (such as IM platforms, social media, and malicious ads), camouflaging phishing links by abusing legitimate apps and services, and using bot protection, obfuscation, and runtime anti-analysis features, making them resistant to automated analysis.&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Handling phishing the same way we did 10 or 15 years ago just isn’t an option anymore,” said Jacques Louw, chief product officer at Push Security. “This resource gives defenders a clearer picture of how sophisticated attackers are actually operating in the wild — and how traditional security controls are being outmaneuvered.\"\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>The Phishing Detection Evasion Techniques matrix builds on Push Security’s earlier \u003Ca href=\"https://github.com/pushsecurity/saas-attacks\" rel=\"noopener noreferrer\" target=\"_blank\">SaaS Attacks Matrix\u003C/a>, continuing the company’s mission to help security teams visualize and counter real-world identity threats across the modern attack surface.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Key features of the matrix include:\u003C/p>\u003Cul>\u003Cli>Mapped TTPs across every phase of the phishing lifecycle, including target reconnaissance, lure crafting, link camouflage, anti-analysis, and MFA bypass.\u003C/li>\u003Cli>Real-world examples of how attackers use these techniques in the wild.\u003C/li>\u003Cli>Designed to be used and operationalized by security teams as part of phishing controls testing.\u003C/li>\u003C/ul>\u003Cp>This new framework arrives at a time when phishing attacks are becoming more targeted, evasive, and damaging, especially as enterprises shift to identity-based security models. In fact, phishing was the initial source of compromise in as many as 37% of all breaches in the \u003Ca href=\"https://www.verizon.com/business/resources/reports/dbir/\" rel=\"noopener noreferrer\" target=\"_blank\">2025 Verizon Data Breach Investigations Report\u003C/a> dataset, accounting for more than any other single access vector. It is also estimated that phishing attacks cost businesses \u003Ca href=\"https://www.ibm.com/reports/data-breach\" rel=\"noopener noreferrer\" target=\"_blank\">nearly $4.76 million per breach\u003C/a> driven largely by compromised credentials, lost productivity, incident response costs, and downstream damage to applications and data.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>The Phishing Detection Evasion Techniques Matrix is now available \u003Ca href=\"https://phishing-techniques.pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">on GitHub\u003C/a>. For more details about the matrix check out the \u003Ca href=\"https://pushsecurity.com/blog/phishing-detection-evasion-launch\" rel=\"noopener noreferrer\" target=\"_blank\">Push Security blog post\u003C/a> or visit the team this week at Black Hat USA, booth #2057.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>About Push Security\u003C/p>\u003Cp>Push Security brings active security to the browser to stop identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser. Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":477},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":479,"@type":106,"tagName":131,"properties":480,"responsiveStyles":481},"builder-pixel-wz561n4t4ji",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":482},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":484},{"path":37,"query":485},{},{},1754482423350,1754381649339,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F3d2132ea8a1c4ddaa56c8844824be71c",[],{"createdDate":492,"id":493,"name":494,"modelId":186,"published":13,"meta":495,"query":499,"data":502,"variations":531,"lastUpdated":532,"firstPublished":533,"testRatio":33,"screenshot":534,"createdBy":222,"lastUpdatedBy":222,"folders":535,"rev":274},1747664169219,"04080f4423dd41ddb6d8ac1928ce8746","PR20250520 Push Security Launches PSAN",{"originalContentId":496,"winningTest":118,"kind":225,"lastPreviewUrl":497,"hasLinks":6,"breakpoints":498},"4831d56a62b04968a7dcaceeeb760064","https://app.dev.pushsecurity.com/news/push-security-launches-PSAN?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=04080f4423dd41ddb6d8ac1928ce8746&builder.overrides.04080f4423dd41ddb6d8ac1928ce8746=04080f4423dd41ddb6d8ac1928ce8746&builder.overrides.press-pages:/news/push-security-launches-PSAN=04080f4423dd41ddb6d8ac1928ce8746&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},[500],{"@type":162,"property":163,"operator":164,"value":501},"/news/push-security-launches-PSAN",{"ogImage":196,"date":503,"seoTitle":504,"image":196,"themeId":6,"title":504,"seoDescription":505,"blocks":506,"url":501,"state":528},"Tue May 20 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","Push Security Launches Global Partner Program to Accelerate its Channel Go-To-Market Strategy","New Push partner program enables solution providers to close the gap between identity-first security and outdated approaches",[507,514,523],{"@type":106,"@version":107,"id":508,"component":509,"responsiveStyles":512},"builder-2622461181e24244934412ab358ba538",{"name":203,"options":510},{"text":511},"\u003Cp>\u003Cem>New Push Security Advisor Network (PSAN) enables solution providers to close the gap between identity-first security and outdated approaches\u003C/em>\u003C/p>",{"large":513},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"@type":106,"@version":107,"id":515,"meta":516,"component":518,"responsiveStyles":521},"builder-50ff72b07b3940e299350eb074a17fb4",{"previousId":517},"builder-4318713d522747f69bdde0c47f2c4eb7",{"name":203,"options":519},{"text":520},"\u003Cp>\u003Cbr>\u003C/p>\u003Cp>BOSTON, Mass., May 20, 2025 – Push Security, a pioneer in detecting and responding to modern identity attacks in the browser, today launched the Push Security Advisor Network (PSAN), its new global partner program designed to strengthen cybersecurity solution provider portfolios with the Push Security platform. With a focus on safeguarding the modern workforce from identity-driven threats, PSAN helps partners close the protection gap left by traditional on-premise security solutions.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>PSAN provides partners with access to cutting-edge security technology, a collaborative community of cybersecurity and enablement experts, and best in class incentives. The program is tailored to support partners in delivering seamless security outcomes for organizations facing the growing challenges of identity security.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Security teams need an answer to today’s sophisticated phishing and identity attacks, as well as better visibility and control over how employees use applications,” said Bryan Wallace, vice president of global partnerships at Push Security. “With the Push Security Advisor Network, we’re bringing together top-tier partners to help businesses proactively address identity-based threats, reduce risk, and strengthen their security posture.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Key benefits of the PSAN program include:\u003C/p>\u003Cul>\u003Cli>Technical enablement and training – Partners receive hands-on training and certification to maximize expertise in deploying and managing Push Security solutions.\u003C/li>\u003Cli>Sales and marketing support – Dedicated resources, co-marketing opportunities, and demand-generation campaigns to drive business growth.\u003C/li>\u003Cli>Exclusive partner incentives – Best in class margins, deal registration, and performance-based rewards to support partner profitability.\u003C/li>\u003Cli>Collaborative threat intelligence – Access to real-time threat insights and best practices to help customers stay ahead of emerging security risks.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\"With the launch of our Push Security Advisor Network, we're empowering partners to deliver stronger, more scalable human-layer security solutions to customers around the world,”&nbsp;said Kevin Arsenault, chief revenue officer at Push Security. “PSAN reflects our commitment to a partner-first, partner-only growth strategy and to helping organizations reduce risk where it matters most—at the user level.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Partners interested in the Push Security Advisor Network are invited to join a \u003Ca href=\"https://pushsecurity.com/webinar/partner\" rel=\"noopener noreferrer\" target=\"_blank\">webinar on June 11 to learn more\u003C/a>. Additional information can also be found at \u003Ca href=\"https://pushsecurity.com/partner\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com/partner\u003C/a>.&nbsp;&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push Security stops identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser. Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":522},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":524,"@type":106,"tagName":131,"properties":525,"responsiveStyles":526},"builder-pixel-dzlr3j9t4ph",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":527},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":529},{"path":37,"query":530},{},{},1747742931676,1747665223657,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Feba2b499f02549c28f4d8afd925580aa",[],{"folders":537,"createdDate":538,"id":496,"name":539,"modelId":186,"published":13,"meta":540,"query":544,"data":547,"variations":577,"lastUpdated":578,"firstPublished":579,"testRatio":33,"screenshot":580,"createdBy":222,"lastUpdatedBy":222,"rev":274},[],1745458177519,"PR20250415 Push Security Secures Series B Funding",{"hasLinks":6,"originalContentId":541,"lastPreviewUrl":542,"breakpoints":543,"kind":225,"winningTest":118},"19b90d05ba504dac8aa46b58f782d224","https://app.dev.pushsecurity.com/news/push-security-secures-30-million-series-b-funding?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=4831d56a62b04968a7dcaceeeb760064&builder.overrides.4831d56a62b04968a7dcaceeeb760064=4831d56a62b04968a7dcaceeeb760064&builder.overrides.press-pages:/news/push-security-secures-30-million-series-b-funding=4831d56a62b04968a7dcaceeeb760064",{"small":39,"medium":40},[545],{"@type":162,"property":163,"operator":164,"value":546},"/news/push-security-secures-30-million-series-b-funding",{"seoTitle":548,"title":549,"seoDescription":548,"date":550,"ogImage":196,"themeId":6,"image":196,"blocks":551,"url":546,"state":574},"Push Security Secures $30 Million Series B Funding","Push Security Secures $30 Million Series B Funding Led by Redpoint Ventures to Fight the Rising Tide of Identity Attacks","Thu Apr 24 2025 00:00:00 GMT-0700 (Pacific Daylight Time)",[552,561,569],{"@type":106,"@version":107,"id":553,"meta":554,"component":556,"responsiveStyles":559},"builder-0b720a68bddb433c982aee6365e9d742",{"previousId":555},"builder-41a85805059e47199018b3e72434829c",{"name":203,"options":557},{"text":558},"\u003Cp>\u003Cem>New investors Datadog Ventures and B3 Capital join the round to propel research, product development, and global expansion\u003C/em>\u003C/p>",{"large":560},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"@type":106,"@version":107,"id":517,"meta":562,"component":564,"responsiveStyles":567},{"previousId":563},"builder-cce331854dd346bc89ad5dd8578eb084",{"name":203,"options":565},{"text":566},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>BOSTON, Mass., April 24, 2025 — Push Security, a pioneer in detecting and responding to modern identity attacks in the browser, today announced a $30 million Series B funding round led by Redpoint Ventures, with participation from Datadog Ventures and B3 Capital. This investment will accelerate Push’s growth, fueling innovation and global expansion.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>The round also saw involvement from existing investors, including Decibel and GV (Google Ventures), demonstrating strong confidence in Push Security’s mission to stop identity attacks — such as credential phishing and account takeover (ATO) using stolen credentials and tokens — a problem that has hit the industry hard, particularly in the last 12 months.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>This funding will enable Push Security to scale its platform capabilities, drive research and product development, and expand into new markets. It will also support strategic hiring to strengthen the company’s position as a leader in identity security.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push Security’s browser-based identity security platform detects and intercepts identity attacks—such as zero-day phishing, credential stuffing, and session hijacking—before they escalate. By securing identities in the browser, Push helps organizations close security gaps left by traditional identity and security solutions. The platform also identifies vulnerabilities like stolen credentials, missing MFA controls, and non-SSO identities, enabling security teams to act proactively to close identity security gaps and stop breaches before they happen.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Compromised identities are now the prized target for attackers,” said Adam Bateman, CEO of Push Security. “Stolen credentials and phishing remain the top two causes of reported breaches, and high-profile incidents—like the Snowflake breach last summer— are showing us the massive impact they can have.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“We were the first to turn employees’ existing browsers into a powerful telemetry source and control point for stopping identity attacks,” he added. “This investment will push us further with what is possible in the browser and scale our impact globally to stop identity attacks.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>With Redpoint’s expertise in scaling transformative technology companies, and Datadog’s leadership in data-driven observability, Push is poised to redefine identity security.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“In conversations with CISOs, it is clear that the new critical security perimeter is the browser,” said Erica Brescia, managing director at Redpoint Ventures. “With over 80 percent of cyber-attacks being identity-related, Push is uniquely positioned to protect organizations. We are thrilled to partner with the Push team as they execute on their mission to stop identity attacks.”&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Push recognizes that companies need to tackle identity attacks head-on by securing identities where it matters most—inside the browser,” said Bharat Sajnani, head of corporate development and ventures at Datadog. “Their research-driven approach is game-changing, and we’re excited to collaborate with them as they help organizations rethink identity security.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Since its founding, \u003Ca href=\"https://www.businesswire.com/news/home/20250122394289/en/Push-Security-Recognized-as-a-Rising-Star-for-ITDR-by-KuppingerCole-Analysts\" rel=\"noopener noreferrer\" target=\"_blank\">Push Security has been recognized\u003C/a> as an early innovator for its unique approach to detecting and responding to identity attacks. The company’s research-based approach has led to significant contributions to the space including its SaaS attack matrix, an open source repository of SaaS-native attack techniques, which is now widely used by security researchers, red and blue teams, and penetration testers around the world. This research focus is at the heart of&nbsp;Push’s threat-informed product feature development which, combined with its browser technology, is significantly more effective at stopping identity attacks earlier and with much greater accuracy&nbsp;than anything that has come before.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push Security has experienced rapid growth, serving customers across industries including technology, finance, and healthcare. In January 2025, Push’s customer base grew 380 percent year-over-year, and its platform is now deployed on more than 1.5 million endpoints globally as identity attacks and the growing recognition that these threats can be mitigated in the browser gains momentum. Additionally, the company more than doubled its employee headcount over the past year and \u003Ca href=\"https://pushsecurity.com/news/former-crowdstrike-sales-leader-joins-push-security-cro\" rel=\"noopener noreferrer\" target=\"_blank\">welcomed Chief Revenue Officer Kevin Arsenault\u003C/a>, former sales leader at CrowdStrike and Proofpoint, and \u003Ca href=\"https://pushsecurity.com/news/chris-tilton-new-push-cmo\" rel=\"noopener noreferrer\" target=\"_blank\">new Chief Marketing Officer Chris Tilton\u003C/a>, formerly with Cobalt.io and Bugcrowd, to its executive ranks.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Bateman also shared more of his thoughts on today’s news on the \u003Ca href=\"https://www.pushsecurity.com/blog/series-b-and-beyond\" rel=\"noopener noreferrer\" target=\"_blank\">Push Security blog\u003C/a>.&nbsp;\u003C/p>\u003Ch4>\u003Cbr>\u003C/h4>\u003Ch4>\u003Cstrong>About Push Security\u003C/strong>\u003C/h4>\u003Cp>Push Security stops identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",{"large":568},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":570,"@type":106,"tagName":131,"properties":571,"responsiveStyles":572},"builder-pixel-og7t9m1yhe",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":573},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":575},{"path":37,"query":576},{},{},1745497089152,1745497089109,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F41a48ea4b57e41d9aff5505a794f7ad1",{"folders":582,"createdDate":583,"id":584,"name":585,"modelId":186,"published":13,"meta":586,"query":590,"data":593,"variations":614,"lastUpdated":615,"firstPublished":616,"testRatio":33,"screenshot":617,"createdBy":222,"lastUpdatedBy":222,"rev":274},[],1745017463013,"e749afd93195461faa499d3bb630f134","PR20250122 Push Security Recognized as a Rising Star for ITDR",{"winningTest":118,"breakpoints":587,"lastPreviewUrl":588,"kind":225,"hasLinks":6,"originalContentId":589},{"xsmall":57,"small":39,"medium":40},"https://app.dev.pushsecurity.com/news/push-security-recognized-as-rising-star-itdr/?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=e749afd93195461faa499d3bb630f134&builder.overrides.e749afd93195461faa499d3bb630f134=e749afd93195461faa499d3bb630f134&builder.overrides.press-pages:/news/push-security-recognized-as-rising-star-itdr/=e749afd93195461faa499d3bb630f134","fc6c5191bdb342aa970647ff26a5ecb9",[591],{"@type":162,"property":163,"operator":164,"value":592},"/news/push-security-recognized-as-rising-star-itdr/",{"themeId":6,"seoDescription":594,"ogImage":196,"date":595,"title":594,"seoTitle":594,"image":430,"blocks":596,"url":592,"state":611},"Push Security Recognized as a Rising Star for ITDR by KuppingerCole Analysts","Wed Jan 22 2025 00:00:00 GMT-0800 (Pacific Standard Time)",[597,606],{"@type":106,"@version":107,"id":598,"meta":599,"component":601,"responsiveStyles":604},"builder-783cd132d4244f0a909dd0295bc2f72c",{"previousId":600},"builder-2a486bdd0f844c4cb90e4c3017f16f50",{"name":203,"options":602},{"text":603},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>LONDON, Jan. 22, 2025 — Push Security, a pioneer in identity threat detection and response (ITDR), is proud to announce its recent recognition as a \"Rising Star\" for ITDR by KuppingerCole Analysts, a global, independent analyst organization headquartered in Europe. This accolade highlights Push Security’s commitment to advancing the security landscape with its unique browser-based platform that enables security operations teams to detect and stop identity attacks.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>The “Rising Star” designation is awarded to companies that demonstrate exceptional innovation, market impact, and growth potential. Push Security has earned this recognition for its transformative approach to managing and securing workforce identities, focusing real-time attack interception and proactive response and remediation.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“We are honored to receive this recognition from KuppingerCole,” said Adam Bateman, CEO of Push Security. “Defending users against identity-related attacks is a top priority for all the security teams we speak to who recognise that they need to be able to detect and respond to identity attacks at the earliest opportunity.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Identity attacks are the most significant threat facing security teams today as attackers look to take advantage of the huge numbers of unsecured accounts attached to the sprawl of business apps that organizations now rely on,” continued Bateman. “Push is committed to delivering an ITDR capability that is able to adapt to the complexities of modern identity infrastructure and gives security teams an edge over their adversaries, and to be named ‘Rising Star’ is true validation of our approach.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>KuppingerCole “Rising Star” designation is a testament to Push Security’s rapid growth and impact in the identity security space. As identity-based attacks like phishing, credential theft, and session hijacking continue to rise, Push Security remains at the forefront of providing innovative defenses that secure every workforce identity.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Push Security’s innovative approach to securing workforce identities stands out in an increasingly complex threat landscape,” said Martin Kuppinger, principal analyst at KuppingerCole Analysts AG. “By focusing on real-time interception in the browser that meets the user where they work, they are addressing some of the most pressing challenges organizations face today. The ‘Rising Star’ award highlights their strong potential to impact the future of identity security.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>From the\u003Cem>&nbsp;KuppingerCole 2024 Rising Star: Push Security&nbsp;\u003C/em>report: “Push Security demonstrates a strong product/market fit by addressing the surge in identity-based attacks, the most common vector for breaches. Organizations increasingly recognize the need for specialized ITDR tools, positioning Push Security as a critical component of modern cybersecurity strategies.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>The report also emphasized “solutions like Push Security’s, which provide unique telemetry and enhance cross-platform visibility, are poised to become integral to cybersecurity strategies.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>The full&nbsp;\u003Cem>KuppingerCole 2024 Rising Star: Push Security&nbsp;\u003C/em>is available for download on&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fpushsecurity.com%2Fresources%2Fkuppingercole-report%3Futm_source%3Dpr%26utm_medium%3Dexternal%26utm_campaign%3Dpress-release%26utm_content%3Dkuppingercole&amp;esheet=54183640&amp;newsitemid=20250122394289&amp;lan=en-US&amp;anchor=the+Push+website&amp;index=1&amp;md5=7f57f6cab01193249d475b9402597e65\" rel=\"noopener noreferrer\" target=\"_blank\">the Push website\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>About Push Security\u003C/strong>\u003C/h4>\u003Cp>Push Security stops identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",{"large":605},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":607,"@type":106,"tagName":131,"properties":608,"responsiveStyles":609},"builder-pixel-y7arh0rgqkn",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":610},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":612},{"path":37,"query":613},{},{},1745610821555,1745017629552,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F289d1b1530e449078aa99129811ebc04",{"folders":619,"createdDate":620,"id":589,"name":621,"modelId":186,"published":13,"meta":622,"query":626,"data":629,"variations":658,"lastUpdated":659,"firstPublished":660,"testRatio":33,"screenshot":661,"createdBy":222,"lastUpdatedBy":222,"rev":274},[],1745017138329,"PR20241203 Push Security Launches New Stolen Credentials Detection Capability",{"breakpoints":623,"hasLinks":6,"kind":225,"lastPreviewUrl":624,"originalContentId":625,"winningTest":118},{"small":39,"medium":40},"https://app.dev.pushsecurity.com/news/push-security-launches-new-stolen-credentials-detection-capability?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=fc6c5191bdb342aa970647ff26a5ecb9&builder.overrides.fc6c5191bdb342aa970647ff26a5ecb9=fc6c5191bdb342aa970647ff26a5ecb9&builder.overrides.press-pages:/news/push-security-launches-new-stolen-credentials-detection-capability=fc6c5191bdb342aa970647ff26a5ecb9&builder.options.includeRefs=true&builder.options.enrich=true","cd5705801c124f03a28b91b474723a77",[627],{"@type":162,"property":163,"operator":164,"value":628},"/news/push-security-launches-new-stolen-credentials-detection-capability",{"date":630,"title":631,"ogImage":632,"seoTitle":633,"themeId":6,"image":632,"seoDescription":633,"blocks":634,"url":628,"state":655},"Tue Dec 03 2024 00:00:00 GMT-0800 (Pacific Standard Time)","Push Security Transforms Threat Intelligence Analysis With New Verified Stolen Credentials Detection Capability","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F74357f3d2ed647e78368d7ad6fcfac7b","Push Security Launches New Stolen Credentials Detection Capability",[635,642,650],{"@type":106,"@version":107,"id":636,"component":637,"responsiveStyles":640},"builder-787a1f4a964441958e9c59d1e2ce3e1f",{"name":203,"options":638},{"text":639},"\u003Cp>\u003Cem>New feature eliminates high false positive rates in TI data, helping security teams cut through the noise\u003C/em>\u003C/p>",{"large":641},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"@type":106,"@version":107,"id":600,"meta":643,"component":645,"responsiveStyles":648},{"previousId":644},"builder-85b54d9d32754412a9b7d4b96ca9b9e4",{"name":203,"options":646},{"text":647},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>LONDON, Dec. 3, 2024 — Push Security, a pioneer in identity threat detection and response (ITDR), today unveiled verified stolen credentials detection capability, a new feature designed to reshape how security teams combat identity threats. By analyzing threat intelligence (TI) on stolen credentials and comparing it against active credentials in customer environments, the Push platform eliminates false positives, delivering only actionable alerts to help organizations protect compromised workforce identities.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>This paradigm shift promises to drastically reduce the noise security teams face, empowering them to act swiftly on verified threats without wading through unreliable or redundant TI data.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>A Game-Changer for Security Teams\u003C/strong>\u003C/h4>\u003Cp>Some of the general challenges that security teams face when using TI to identify stolen credentials include:\u003C/p>\u003Cul>\u003Cli>Stolen passwords may appear in intelligence as new breaches, but the data is actually a recycled combolist (aggregated list of lists) rather than a new incident.\u003C/li>\u003Cli>Infostealer threat intel can stem from a personal device that was compromised and once accessed corporate assets, but is no longer active or using that password.\u003C/li>\u003Cli>TI sources may alert on stolen credentials for a specific app following a breach, but the creds are no longer in use there; however, with password reuse being a common practice, they could still be used on a different high-value app.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\"Many TI vendors excel at collecting data from hard-to-access sources, but security teams are often overwhelmed by false positives,\" said Jacques Louw, co-founder and chief product officer at Push Security. \"With low actionable intelligence rates and recycled credentials muddying the waters, alerts are frequently ignored or feeds disabled. Our verified stolen credentials detection capability cuts through the noise, providing only verified threats that teams can act on immediately.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push Security's approach is to create fingerprints of potentially stolen passwords by salting, hashing and truncating them and then sending these fingerprints to the browser agent for comparisons. In this way no password material ever leaves the secure browser context.\u003C/p>\u003Ch4>\u003Cbr>\u003C/h4>\u003Ch4>\u003Cstrong>Why This Matters Now\u003C/strong>\u003C/h4>\u003Cp>The rise of credential-based cyberattacks has reached alarming levels in the past few years:\u003C/p>\u003Cul>\u003Cli>IBM reports a&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.ibm.com%2Freports%2Fthreat-intelligence&amp;esheet=54160151&amp;newsitemid=20241203364361&amp;lan=en-US&amp;anchor=71%25+year-over-year+increase&amp;index=1&amp;md5=da81be5dcaa84cebb1d717f792c1e578\" rel=\"noopener noreferrer\" target=\"_blank\">71% year-over-year increase\u003C/a>&nbsp;in cyberattacks leveraging stolen or compromised credentials, making them the top initial access method for cyber intrusions.\u003C/li>\u003Cli>\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fgo.recordedfuture.com%2Fhubfs%2Freports%2Fta-2024-0321.pdf&amp;esheet=54160151&amp;newsitemid=20241203364361&amp;lan=en-US&amp;anchor=Recorded+Future+observed+a+135%25+increase&amp;index=2&amp;md5=d56d3e4c0dd47863ca135d08ddb9b90b\" rel=\"noopener noreferrer\" target=\"_blank\">Recorded Future observed a 135% increase\u003C/a>&nbsp;in harvested credentials last year and a 166% spike in those bundled with cookies, enabling attackers to bypass MFA protections.\u003C/li>\u003Cli>Meanwhile, Mandiant’s last two&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fcloud.google.com%2Fsecurity%2Fresources%2Fm-trends&amp;esheet=54160151&amp;newsitemid=20241203364361&amp;lan=en-US&amp;anchor=M-Trends+reports&amp;index=3&amp;md5=ee633dfdd157b13adcb8e221c3da0949\" rel=\"noopener noreferrer\" target=\"_blank\">M-Trends reports\u003C/a>&nbsp;found that stolen creds were the third and fourth most-used initial intrusion method of the last two years.\u003C/li>\u003Cli>And, Cisco Talos researchers found that the&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fblog.talosintelligence.com%2Fcisco-talos-2023-year-in-review%2F&amp;esheet=54160151&amp;newsitemid=20241203364361&amp;lan=en-US&amp;anchor=use+of+valid+accounts&amp;index=4&amp;md5=7baab373ae4ed8f60f7603d9c1fb391a\" rel=\"noopener noreferrer\" target=\"_blank\">use of valid accounts\u003C/a>&nbsp;was the second-most common attack technique in their 2023 findings.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Despite the critical nature of this threat, security teams often face overwhelming volumes of stolen credential alerts, many of which are inaccurate, recycled, or outdated. Push Security’s verified stolen credentials detection addresses this challenge head-on.\u003C/p>\u003Ch4>\u003Cbr>\u003C/h4>\u003Ch4>\u003Cstrong>Unique Insights: Push Security Finds TI False Positive Rates at Astonishing 99.5%\u003C/strong>\u003C/h4>\u003Cp>\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fverified-stolen-credential-detection&amp;esheet=54160151&amp;newsitemid=20241203364361&amp;lan=en-US&amp;anchor=A+recent+review+of+TI+data&amp;index=5&amp;md5=b42d2e8edad2e74bfb0fff21dbed6773\" rel=\"noopener noreferrer\" target=\"_blank\">A recent review of TI data\u003C/a>&nbsp;by Push Security researchers found that less than 1% of threat intelligence in a multi-vendor dataset on stolen credentials was actionable for its customer base. In other words, more than 99% of the stolen credentials checked were false positives at the time of the review. Push researchers evaluated threat intelligence data from several popular vendors and found 5,763 username and password combinations that matched Push customer employees.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>After analyzing threat intelligence data from multiple vendors, the company found:\u003C/p>\u003Cul>\u003Cli>Out of 5,763 stolen username and password combinations matching customer domains, only&nbsp;\u003Cstrong>0.5% were still valid\u003C/strong>&nbsp;in customer environments.\u003C/li>\u003Cli>TI sources frequently flagged recycled credential lists or data from inactive accounts, diluting the actionable intelligence.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“By focusing on only true positives, Push Security’s new verified stolen credentials feature enables organizations to respond to this intelligence with confidence they aren’t chasing another dead end, upping the odds of taking action in time to prevent impact,” said Louw. “This capability is a game-changer for security teams facing an ever-growing wave of credential-based identity attacks. The Push platform ensures that teams spend their time addressing verified, actionable alerts rather than sifting through endless false positives.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“As credential theft continues to rise, this new feature complements the important work of threat intelligence vendors and provides a clear path for security teams to stay ahead of attackers and protect their organizations,\" added Louw.\u003C/p>\u003Ch4>\u003Cbr>\u003C/h4>\u003Ch4>\u003Cstrong>Availability and Integration\u003C/strong>\u003C/h4>\u003Cp>This new capability is included at no additional cost for Push Security customers and is seamlessly integrated into the existing platform, making it easier than ever to leverage powerful TI data without adding operational burden.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>For more information on Push Security and its verified stolen credentials detection feature, visit&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fverified-stolen-credential-detection&amp;esheet=54160151&amp;newsitemid=20241203364361&amp;lan=en-US&amp;anchor=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fverified-stolen-credential-detection&amp;index=6&amp;md5=0db18f05d645c6ffa65ce47f4633ea45\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com/blog/verified-stolen-credential-detection\u003C/a>.\u003C/p>\u003Ch4>\u003Cbr>\u003C/h4>\u003Ch4>\u003Cstrong>About Push Security\u003C/strong>\u003C/h4>\u003Cp>Push Security stops identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",{"large":649},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":651,"@type":106,"tagName":131,"properties":652,"responsiveStyles":653},"builder-pixel-3wna1hfoans",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":654},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":656},{"path":37,"query":657},{},{},1745458753323,1745017460011,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F87c1b1d19ee0405cb191c94cc8ae375f",{"folders":663,"createdDate":664,"id":625,"name":665,"modelId":186,"published":13,"meta":666,"query":670,"data":673,"variations":701,"lastUpdated":702,"firstPublished":703,"testRatio":33,"screenshot":704,"createdBy":222,"lastUpdatedBy":222,"rev":274},[],1745016824199,"PR20241121 Former Crowdstrike Sales Leader Joins Push as CRO",{"winningTest":118,"hasLinks":6,"breakpoints":667,"kind":225,"originalContentId":668,"lastPreviewUrl":669},{"small":39,"medium":40},"a3bb1ec62ef34682a686618d761f37f4","https://app.dev.pushsecurity.com/news/former-crowdstrike-sales-leader-joins-push-security-cro?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=cd5705801c124f03a28b91b474723a77&builder.overrides.cd5705801c124f03a28b91b474723a77=cd5705801c124f03a28b91b474723a77&builder.overrides.press-pages:/news/former-crowdstrike-sales-leader-joins-push-security-cro=cd5705801c124f03a28b91b474723a77&builder.options.includeRefs=true&builder.options.enrich=true",[671],{"@type":162,"property":163,"operator":164,"value":672},"/news/former-crowdstrike-sales-leader-joins-push-security-cro",{"image":430,"themeId":6,"ogImage":430,"seoTitle":674,"title":675,"seoDescription":674,"date":676,"blocks":677,"url":672,"state":698},"New Security Alert: Cross-IdP Impersonation ","Former CrowdStrike Sales Leader Joins Push Security as Chief Revenue Officer","Thu Nov 21 2024 00:00:00 GMT-0800 (Pacific Standard Time)",[678,685,693],{"@type":106,"@version":107,"id":679,"component":680,"responsiveStyles":683},"builder-27db37e2666f4564968f99fe7ece3480",{"name":203,"options":681},{"text":682},"\u003Cp>\u003Cem>Kevin Arsenault brings extensive experience in building high performance teams to browser-based ITDR space\u003C/em>\u003C/p>",{"large":684},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"@type":106,"@version":107,"id":644,"meta":686,"component":688,"responsiveStyles":691},{"previousId":687},"builder-bf6b0443a59c42d088b66d825dc3c0f9",{"name":203,"options":689},{"text":690},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>LONDON, Nov. 21, 2024 — Push Security, a pioneer in identity threat detection and response (ITDR), today announced that Kevin Arsenault has joined the company as Chief Revenue Officer (CRO). Arsenault has a distinguished background and proven success at other cutting-edge cybersecurity companies, including Proofpoint, an innovative cybersecurity and compliance vendor, and endpoint detection and response (EDR) leader CrowdStrike. He brings a wealth of expertise that will support Push Security’s mission to redefine identity security by securing browser-based identity threat visibility and response.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Arsenault brings the experience of more than two decades in sales leadership to Push, most recently as CRO for Ordr, a leader in connected device security. Prior to Ordr he was part of the early sales team at CrowdStrike, which was instrumental in building strong revenue growth and helping take the company to a billion-plus valuation in its 2019 initial public offering. Continued success led to him ultimately serving as vice president of sales for North America. Before CrowdStrike, he was vice president of worldwide advanced security and information governance sales at Proofpoint, helping build the sales team and revenues in advance of a highly successful 2012 IPO which saw a 30 percent increase in share price during its debut.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“We’re incredibly excited to welcome Kevin to the Push team,” said Adam Bateman, co-founder and CEO of Push Security. “Kevin joined CrowdStrike at a time when attackers had shifted their focus from attacking the network perimeter, to attacking endpoints. At that time, security teams lacked the telemetry and visibility required to detect attacker activity at the endpoint. Now he's joining Push at a time where attackers have shifted from the endpoint to identities in the cloud. We've both lived through these big shifts in attacker tactics before, so we make the perfect team to help the industry advance the ITDR space.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push Security’s distinctive browser-based ITDR approach leverages unique telemetry and in-browser response controls to identify, intercept, and shut down identity attacks as they happen. By adopting this proactive and identity-focused stance, Push Security aims to advance the ITDR space in a way that mirrors the shift seen in EDR, which was largely driven by innovations like those championed at CrowdStrike and other emerging players.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“I’m thrilled to join Push Security at such a pivotal time in the evolution of identity security,” said Arsenault. “Just as the advent of EDR set a new standard, Push has a similar opportunity to make an impact in ITDR. Our approach to leveraging the browser as a telemetry source and control point is uniquely positioned to address critical gaps in identity security, particularly against sophisticated threats like adversary-in-the-middle attacks.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“This is the future of proactive identity defense, and I’m excited to bring my experience to drive the company into its next phase,” he added.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Unlike traditional tools that primarily protect at the device level, Push brings a distinct approach to ITDR, focusing on cloud and browser visibility, capturing insights into potential identity threats in a way that fundamentally addresses key vulnerabilities in modern security tools and frameworks.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“As Push Security continues to expand, the company remains committed to building a diverse and innovative team dedicated to redefining identity security for the modern enterprise,” added Bateman. “Bringing Kevin on to the team signifies a strategic commitment to our growth and leadership within ITDR, as we continue our focus on protecting organizations from emerging threats to the new identity perimeter.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Arsenault has shared more reasons for joining Push Security on the company blog:&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fwhy-im-joining-push-security-the-team-redefining-itdr&amp;esheet=54156000&amp;newsitemid=20241121746989&amp;lan=en-US&amp;anchor=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fwhy-im-joining-push-security-the-team-redefining-itdr&amp;index=1&amp;md5=3a0ccc2072d95890d72847c497733c6c\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com/blog/why-im-joining-push-security-the-team-redefining-itdr\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>For more information about Push Security and open positions, visit&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.pushsecurity.com&amp;esheet=54156000&amp;newsitemid=20241121746989&amp;lan=en-US&amp;anchor=https%3A%2F%2Fpushsecurity.com&amp;index=2&amp;md5=cc5718e676c0456356e872e1fdd081bf\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>About Push Security\u003C/strong>\u003C/h4>\u003Cp>Push Security stops identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",{"large":692},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":694,"@type":106,"tagName":131,"properties":695,"responsiveStyles":696},"builder-pixel-mfoli8xygw9",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":697},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":699},{"path":37,"query":700},{},{},1745458778789,1745017133363,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F4140102b9ee44645842078b5437212c9",{"folders":706,"createdDate":707,"id":668,"name":708,"modelId":186,"published":13,"meta":709,"query":713,"data":716,"variations":745,"lastUpdated":746,"firstPublished":747,"testRatio":33,"screenshot":748,"createdBy":222,"lastUpdatedBy":222,"rev":274},[],1745016416170,"PR20241119 New Security Alert: Cross IDP Impersonation ",{"winningTest":118,"breakpoints":710,"hasLinks":6,"kind":225,"lastPreviewUrl":711,"originalContentId":712},{"small":39,"medium":40},"https://app.dev.pushsecurity.com/news/push-security-new-security-alert-cross-IDP-impersonation?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=a3bb1ec62ef34682a686618d761f37f4&builder.overrides.a3bb1ec62ef34682a686618d761f37f4=a3bb1ec62ef34682a686618d761f37f4&builder.overrides.press-pages:/news/push-security-new-security-alert-cross-IDP-impersonation=a3bb1ec62ef34682a686618d761f37f4&builder.options.includeRefs=true&builder.options.enrich=true","f0db5df32b904435841922cd66c7db65",[714],{"@type":162,"property":163,"operator":164,"value":715},"/news/push-security-new-security-alert-cross-IDP-impersonation",{"title":717,"date":718,"image":430,"themeId":6,"seoTitle":674,"ogImage":430,"seoDescription":674,"blocks":719,"url":715,"state":742},"New Security Alert from Push Security: Cross-IDP Impersonation Threatens SSO Security to Gain Unauthorized Access to Downstream Apps","Tue Nov 19 2024 00:00:00 GMT-0800 (Pacific Standard Time)",[720,729,737],{"@type":106,"@version":107,"id":721,"meta":722,"component":724,"responsiveStyles":727},"builder-a5c13d9a57534405bd0a7d38f2d14a88",{"previousId":723},"builder-1d2bfddaed9a4fb6840f3df35157e3b2",{"name":203,"options":725},{"text":726},"\u003Cp>\u003Cem style=\"font-size: 16px;\">Push adds Cross-IdP impersonation to the SaaS attack matrix, enabling fraudulent IdP accounts to be used\u003C/em>\u003C/p>",{"large":728},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"@type":106,"@version":107,"id":687,"meta":730,"component":732,"responsiveStyles":735},{"previousId":731},"builder-81c491477b064c92b23bca18cec21736",{"name":203,"options":733},{"text":734},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>LONDON, Nov. 19, 2024 — Security researchers at Push Security, a pioneer in identity threat detection and response (ITDR), have identified a new technique used by attackers known as \"Cross-IdP Impersonation,\" that enables attackers to hijack the single sign-on (SSO) process to gain unauthorized access to downstream applications without compromising a company's primary identity provider (IdP). Recent high-profile vulnerabilities, including ones involving Zendesk and Google, demonstrate the increasing risk this technique poses for organizations relying on SSO for secure access to software-as-a-service (SaaS) apps.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Cross-IdP impersonation exploits a flaw in SSO configurations by allowing attackers to create fraudulent IdP accounts matching an organization’s domain, which are then used to access downstream apps via SSO. This tactic enables unauthorized access to various downstream applications, bypassing even the most secure primary IdP protections.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>Notable Examples of Cross-IdP Impersonation\u003C/strong>\u003C/h4>\u003Cp>Two recent cases have highlighted the impact of Cross-IdP impersonation. In one instance, a&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fgist.github.com%2Fhackermondev%2F68ec8ed145fcee49d2f5e2b9d2cf2e52&amp;esheet=54154704&amp;newsitemid=20241119299695&amp;lan=en-US&amp;anchor=15-year-old+researcher+abused+a+flaw+in+Zendesk&amp;index=1&amp;md5=3e245a76f52b6f21e6bd16548370751d\" rel=\"noopener noreferrer\" target=\"_blank\">15-year-old researcher abused a flaw in Zendesk\u003C/a>&nbsp;to create fraudulent Apple SSO accounts linked to hundreds of legitimate company domains. Using this newly created IdP account, the researcher could infiltrate connected apps, including Slack, exposing potentially sensitive information across multiple business applications.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>In another example,&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fkrebsonsecurity.com%2F2024%2F07%2Fcrooks-bypassed-googles-email-verification-to-create-workspace-accounts-access-3rd-party-services%2F&amp;esheet=54154704&amp;newsitemid=20241119299695&amp;lan=en-US&amp;anchor=a+now-resolved+Google+domain+verification+flaw&amp;index=2&amp;md5=20a0da7ace3250189c28c47b4db1082b\" rel=\"noopener noreferrer\" target=\"_blank\">a now-resolved Google domain verification flaw\u003C/a>&nbsp;previously enabled newly created Google Workspace accounts to authenticate via SSO without requiring domain verification, which could then be used to access login to downstream applications usually accessed with a different SSO provider.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>Security Implications and Attack Surface\u003C/strong>\u003C/h4>\u003Cp>“Cross-IdP impersonation could be likened to&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fghost-logins-when-forgotten-identities-come-back-to-haunt-you%2F&amp;esheet=54154704&amp;newsitemid=20241119299695&amp;lan=en-US&amp;anchor=ghost+logins&amp;index=3&amp;md5=2d3dd5c0ea386eed146f3c5289a6f0bc\" rel=\"noopener noreferrer\" target=\"_blank\">ghost logins\u003C/a>&nbsp;on steroids,” said Dan Green, security researcher at Push Security. “This attack method bypasses traditional security safeguards that protect main IdP accounts. It doesn’t matter how locked down your primary IdP account is if attackers can simply create a new one for your domain.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“In the examples we’ve seen in the wild, these attacks required no user interaction by exploiting configuration weaknesses in IdP and SaaS services. But the same result could be achieved through convincing social engineering scams, without needing to phish MFA factors or lure users to malicious webpages,” he continued.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security tests on the most popular applications used by Push customers revealed that 3 in 5 of the apps tested do not require re-verification by default when adding a new SSO login method, meaning that an attacker can log in with a newly registered IdP and take over the accounts on downstream applications.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>Mitigation and Security Recommendations\u003C/strong>\u003C/h4>\u003Cp>Push Security recommends that organizations take proactive steps to defend against Cross-IdP impersonation:\u003C/p>\u003Cul>\u003Cli>Set Email Alerts: Implement automated email alerts for new IdP activation emails sent to employees, providing visibility into unauthorized IdP connections to company domains.\u003C/li>\u003Cli>Restrict Account Conversion: Where configurable, prevent the conversion of personal accounts to corporate accounts within primary IdP platforms.\u003C/li>\u003Cli>Enforce Re-Verification Protocols: Where configurable, require downstream applications to enforce re-verification when adding new SSO methods. Requiring login with the original method, rather than email approval, is a more secure approach.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>A Growing Threat Landscape\u003C/strong>\u003C/h4>\u003Cp>With the success of recent attacks, both attackers and security researchers are expected to focus increasingly on Cross-IdP impersonation techniques.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“As applications typically integrate with several IdPs, the inconsistencies in authentication are creating exploitable gaps in SaaS security across applications,” said Green.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Organizations are urged to monitor and tighten SaaS and IdP configurations and prepare to detect and respond to unauthorized SSO methods being used.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Cross-IdP impersonation could be mitigated with a unified approach to SSO verification by SaaS providers by ensuring re-verification upon a new method being added, but companies must act now to protect their data, accounts, and applications.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push Security has updated its popular&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fgithub.com%2Fpushsecurity%2Fsaas-attacks&amp;esheet=54154704&amp;newsitemid=20241119299695&amp;lan=en-US&amp;anchor=SaaS+attack+matrix+resource&amp;index=4&amp;md5=bc097be7d0189d9654c7b283a03bb5b6\" rel=\"noopener noreferrer\" target=\"_blank\">SaaS attack matrix resource\u003C/a>, used by security teams to simulate and defend against SaaS and identity attacks, and has provided more details on this cross-IdP impersonation trend on the Push Security blog:&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fcross-idp-impersonation&amp;esheet=54154704&amp;newsitemid=20241119299695&amp;lan=en-US&amp;anchor=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fcross-idp-impersonation&amp;index=5&amp;md5=7761e208ec7d407deac28dd3c469e478\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com/blog/cross-idp-impersonation\u003C/a>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>About Push Security\u003C/strong>\u003C/h4>\u003Cp>Push Security stops identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",{"large":736},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":738,"@type":106,"tagName":131,"properties":739,"responsiveStyles":740},"builder-pixel-p6npqcqzy6j",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":741},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":743},{"path":37,"query":744},{},{},1745458803786,1745016786985,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F66c168a80899409889fd0445f52e7e03",{"createdDate":750,"id":712,"name":751,"modelId":186,"published":13,"query":752,"data":755,"variations":782,"lastUpdated":783,"firstPublished":784,"testRatio":33,"screenshot":785,"createdBy":222,"lastUpdatedBy":53,"folders":786,"meta":787,"rev":274},1745015871258,"PR20230402 Push Security Raises $15M Series A Round",[753],{"@type":162,"property":163,"operator":164,"value":754},"/news/push-security-Raises-15M-Series-A-Round",{"seoTitle":756,"title":757,"image":284,"ogImage":284,"themeId":6,"date":758,"seoDescription":756,"blocks":759,"url":754,"state":779},"Push Security Raises $15M Series A Round","Push Security Raises $15M and Launches New Visibility and Employee-Powered Tools to Help Enterprises Scale SaaS Security","Sun Apr 02 2023 00:00:00 GMT-0700 (Pacific Daylight Time)",[760,766,774],{"@type":106,"@version":107,"id":723,"component":761,"responsiveStyles":764},{"name":203,"options":762,"isRSC":118},{"text":763},"\u003Cp>\u003Cem>Hundreds of teams at companies like Upvest, Inductive Automation and Sanlam use Push to significantly reduce security risks from SaaS usage\u003C/em>\u003C/p>",{"large":765},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"@type":106,"@version":107,"id":731,"meta":767,"component":769,"responsiveStyles":772},{"previousId":768},"builder-5b4cafb7e0bb420781648c98308e3e5f",{"name":203,"options":770,"isRSC":118},{"text":771},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>LONDON, April 2, 2023 — Push Security, simplifying SaaS security for modern IT and cybersecurity teams, has raised $15M in Series A funding. GV (\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.gv.com%2F&amp;esheet=53372319&amp;newsitemid=20230331005458&amp;lan=en-US&amp;anchor=Google+Ventures&amp;index=2&amp;md5=ff527e6adb8bbb429a908b5fa3140dc9\" rel=\"noopener noreferrer\" target=\"_blank\">Google Ventures\u003C/a>) led the funding with participation from&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.decibel.vc%2F&amp;esheet=53372319&amp;newsitemid=20230331005458&amp;lan=en-US&amp;anchor=Decibel&amp;index=3&amp;md5=9c11affb682543e6d086d26caf2a2aae\" rel=\"noopener noreferrer\" target=\"_blank\">Decibel\u003C/a>&nbsp;and notable angels, including&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fdugsong%2F&amp;esheet=53372319&amp;newsitemid=20230331005458&amp;lan=en-US&amp;anchor=Dug+Song&amp;index=4&amp;md5=332409d5e9fd3057901c68d18e2df27c\" rel=\"noopener noreferrer\" target=\"_blank\">Dug Song\u003C/a>, co-founder and former CEO at Duo Security, and Tray.io co-founder and CEO&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Frichwaldron%2F&amp;esheet=53372319&amp;newsitemid=20230331005458&amp;lan=en-US&amp;anchor=Rich+Waldron&amp;index=5&amp;md5=bf810a728bee51aa4c8b215f3accdda2\" rel=\"noopener noreferrer\" target=\"_blank\">Rich Waldron\u003C/a>. GV General Partner&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fkarimfaris%2F&amp;esheet=53372319&amp;newsitemid=20230331005458&amp;lan=en-US&amp;anchor=Karim+Faris&amp;index=6&amp;md5=646bafa310c7737e87482efb8c432e2f\" rel=\"noopener noreferrer\" target=\"_blank\">Karim Faris\u003C/a>&nbsp;and&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fjonoberheide%2F&amp;esheet=53372319&amp;newsitemid=20230331005458&amp;lan=en-US&amp;anchor=Jon+Oberheide&amp;index=7&amp;md5=afec65f350fcc0ce20d1288fe681ba2c\" rel=\"noopener noreferrer\" target=\"_blank\">Jon Oberheide\u003C/a>, co-founder and former CTO of Duo Security, have joined the board.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Hundreds of teams and more than 50,000 users rely on Push Security to uncover any employee-owned SaaS deployed within the business and quickly remediate critical security vulnerabilities exposed by SaaS use. To ensure Push was scalable, able to support the smallest to the largest organizations, and that the product could provide a fully self-service purchasing and onboarding process, the company was focused on strong UX and building the right features after launching in July 2022. Now that the company can focus on commercial success, Push has seen a 14X increase in revenue in the first quarter of 2023.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>According to Push’s data, unchecked SaaS usage has increased significantly in the past year, leading to growing costs and security risks for enterprises:\u003C/p>\u003Cul>\u003Cli>Since its launch last year in July 2022, Push has added nearly 500 SaaS apps.\u003C/li>\u003Cli>41 percent of Microsoft 365 and 55 percent of Google Workspace app integrations were only used by a single employee.\u003C/li>\u003Cli>23 percent of Microsoft integrations and 17 percent of Google integrations granted access to high risk assets and data such as email, calendar, and shared drives.\u003C/li>\u003Cli>Only one-third of Microsoft app integrations were approved by IT via OAuth. The other two thirds were provisioned directly by employees with no IT oversight or visibility.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\"As security professionals, we're facing a significant increase in SaaS risk and as a result, rethinking how we approach company security,\" said Adam Bateman, Push Security’s co-founder and CEO. \"An explosion in SaaS adoption, coupled with a big push to self-service platforms driven by product-led growth (PLG), means employees increasingly sign up and buy SaaS directly without going through the security team first. This creates an unwieldy sprawl of SaaS applications being introduced to the business with no corporate oversight. Security teams have to play catch-up to ensure these apps aren’t exposing their businesses to undue security risks or invalidating their security compliance.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Today Push Security is launching a host of new features to help security teams take control of their SaaS portfolio:\u003C/p>\u003Cul>\u003Cli>\u003Cstrong>The Industry's First and Only Browser-Based SaaS Account Discovery Tool.&nbsp;\u003C/strong>Because it is the only platform to operate in the browser, Push enables a deeper, more complete assessment of user accounts employees have created that could be vulnerable to password guessing, credential stuffing, have been exposed as part of a prior breach, or are missing important security controls such as MFA.\u003C/li>\u003Cli>\u003Cstrong>Just-in-Time Notifications Empowering User-Led Compliance.&nbsp;\u003C/strong>Alerts are\u003Cstrong>&nbsp;\u003C/strong>directed to security teams and employees through Slack and Microsoft Teams instant notifications to prevent employees from creating security issues, such as prevention of password re-use or weak passwords. With one click, employees can take action to secure their accounts.\u003C/li>\u003Cli>\u003Cstrong>Managed Browser Extension Deployment.&nbsp;\u003C/strong>Push can be installed via managed Chrome, Group Policy (Microsoft Active Directory), or Mobile Device Management (MDM) to every employee browser to ensure complete coverage.\u003C/li>\u003Cli>\u003Cstrong>Detection of Risky Third-Party Integrations.\u003C/strong>&nbsp;A new dashboard allows security teams to see all SaaS integrations\u003Cem>&nbsp;\u003C/em>connected to core platforms (Google Workspace and Microsoft 365), with warnings if those integrations are doing anything suspicious or malicious, or asking for excessive or risky permissions.\u003C/li>\u003Cli>\u003Cstrong>ChatOps Messaging for Security Teams&nbsp;\u003C/strong>- Now Push administrators can receive notifications in Microsoft Teams or Slack channels to get alerted immediately when a new third-party integration is detected or a user contacted via ChatOps confirms that a mail rule looks suspicious.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\"The threat landscape has shifted dramatically, as organizational IT resources have evolved from centrally-managed and hosted applications to team- or employee-managed cloud hosted SaaS with deep interdependencies (via integrations),\" shares Sebastien Jeanquier, Chief Security Officer at fintech company Upvest. \"Push allows us to gain deep insights into the usage of SaaS across our organization, including integrations that could pose a risk to company data, but also automate the remediation of these at scale by involving the internal users of SaaS application directly in the assessment and decision making.\"\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“The global workforce is moving toward greater freedom and flexibility with SaaS applications, which introduces new security complexities and challenges,” says Karim Faris, General Partner at GV. “That trend presents a critical need for better, simpler tools that engage employees and take the burden off centralized IT to manage SaaS sprawl. GV is excited to partner with the Push team as they help modern security teams navigate the evolving cybersecurity threat landscape.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push is free to try and free to use for up to 10 users.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Visit&nbsp;\u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&amp;url=https%3A%2F%2Fpushsecurity.com%2F%3Futm_source%3Dbusiness-wire%26utm_medium%3Dpress-release%26utm_campaign%3Dseries-a&amp;esheet=53372319&amp;newsitemid=20230331005458&amp;lan=en-US&amp;anchor=https%3A%2F%2Fpushsecurity.com%2F&amp;index=8&amp;md5=7804c8833580dc30d17b4d70e3574f25\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com/\u003C/a>&nbsp;to sign up and start your trial.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>About Push Security\u003C/strong>\u003C/h4>\u003Cp>Push Security stops identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",{"large":773},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":775,"@type":106,"tagName":131,"properties":776,"responsiveStyles":777},"builder-pixel-fo4a1hyt50g",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":778},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":780},{"path":37,"query":781},{},{},1763114195445,1745016403288,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fcfdf5c236cb146a681fb6dba9e4fadb6",[],{"originalContentId":788,"lastPreviewUrl":789,"kind":225,"hasLinks":6,"breakpoints":790,"winningTest":118,"hasAutosaves":6},"ab716a918d7a4962a6edbad4dcae366b","https://pushsecurity.com/news/push-security-Raises-15M-Series-A-Round?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=f0db5df32b904435841922cd66c7db65&builder.overrides.f0db5df32b904435841922cd66c7db65=f0db5df32b904435841922cd66c7db65&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},{"folders":792,"createdDate":793,"id":788,"name":794,"modelId":186,"published":13,"query":795,"data":798,"variations":825,"lastUpdated":826,"firstPublished":827,"testRatio":33,"screenshot":828,"createdBy":222,"lastUpdatedBy":53,"meta":829,"rev":274},[],1745015065401,"PR20220719 Push Security Announces $4M Seed Round",[796],{"@type":162,"property":163,"operator":164,"value":797},"/news/push-security-announces-4M-Seed-Round",{"title":799,"image":196,"themeId":6,"date":800,"seoDescription":801,"seoTitle":801,"ogImage":196,"blocks":802,"url":797,"state":822},"Push Security Announces $4M Seed Round to Introduce User-Centric Approach to Securing SaaS","Tue Jul 19 2022 00:00:00 GMT-0700 (Pacific Daylight Time)","Push Security Announces $4M Seed Round",[803,810,817],{"@type":106,"@version":107,"id":804,"component":805,"responsiveStyles":808},"builder-6cba38f8ebe3464a8a424c633d1e59a0",{"name":203,"options":806},{"text":807},"\u003Cp>\u003Cem>Push Security announces it completed a $4 million seed round led by Decibel and backed by prominent industry leaders, including Jon Oberheide and Haroon Meer. With this funding, Push will continue to develop technology that equips employees to secure SaaS.\u003C/em>\u003C/p>",{"large":809},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"@type":106,"@version":107,"id":768,"meta":811,"component":812,"responsiveStyles":815},{"previousId":563},{"name":203,"options":813},{"text":814},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>LONDON, July 19, 2022 — Push Security, a provider of technology enabling secure SaaS adoption and usage, today announced it completed a $4 million seed round led by&nbsp;\u003Ca href=\"http://decibel.vc/\" rel=\"noopener noreferrer\" target=\"_blank\">Decibel\u003C/a>&nbsp;and backed by&nbsp;\u003Ca href=\"https://pushsecurity.com/about/\" rel=\"noopener noreferrer\" target=\"_blank\">prominent industry leaders\u003C/a>, including Jon Oberheide, co-founder of Duo Security, and Haroon Meer, CEO and founder of Thinkst. With this funding, Push will continue to develop technology that guides employees to make smart decisions while they are using company SaaS platforms, enlisting their help to improve security.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>In a cloud-first world, employees are moving fast and adopting SaaS platforms to get things done. Most organizations have hundreds of SaaS apps in use in their environment and the majority of those apps are owned by employees rather than IT or security. SaaS makes productivity gains and technical innovation accessible for companies of all sizes, but it also introduces risk to the business unless it’s properly managed. Without a way to ensure employees are using SaaS securely, many organizations resort to try to control SaaS with highly restrictive policies, which is frustrating for both employees and security teams.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push believes that the best way to support this move toward productivity and flexibility is to adopt a user-centric approach — to equip employees to improve their own security while using SaaS.&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“The world of work is shifting in a big way,” said Adam Bateman, Push co-founder and CEO. “Employees want flexibility and they need the right tools to be productive, but those tools aren’t always company-approved. So, they’re signing up for those tools on their own. Security teams want to assert some control over this because SaaS apps introduce risk to their company, so they often try to simply lock down SaaS. However, in the long run this just encourages employees to work around the security team. You can’t secure SaaS that’s owned by employees without working with employees. We’ve built a lightweight, scalable way to let employees use SaaS responsibly, guiding them to actually fix security issues, while offloading work from security teams. We’ll prove along the way that employees don’t need to just be seen as part of the problem, but can actually become part of the solution.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“The future of cyber resilience in a SaaS-first world needs cloud-scale solutions designed for the user,” added Ollie Whitehouse, angel investor and CTO at NCC Group. “Push has delivered a solution that has unlimited potential to provide value to all organizations in such a world.”&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Jon Sakoda, Push investor and founder of Decibel, invested in Push’s vision for the future and scalable approach to a really difficult problem. “The Push team has set out to help organizations of every size safely adopt SaaS,” said Jon. “The co-founders have deep security experience as researchers and red teamers, and they’re applying that knowledge to an exponentially growing problem that no one else has been able to solve. I can’t wait to see what the Push team will do to apply user-centric security to finally help organizations progress beyond traditional security solutions that have not been able to keep up with the pace of modern IT.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“Push is connecting the dots between users and their SaaS applications, allowing them to use the apps they love while keeping their organization secure,” added Jon Oberheide, angel investor, co-founder and former CTO of Duo Security (acquired by Cisco).&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push is free to try and free to use for up to 10 users. Visit&nbsp;\u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">pushsecurity.com\u003C/a>&nbsp;to sign up and start your trial.&nbsp;&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cstrong>About Push Security\u003C/strong>\u003C/p>\u003Cp>Push provides a super scalable way to secure SaaS, by equipping employees to join the fight against attackers and improve their own security. We monitor employee SaaS activity and then (using tools such as ChatOps and a browser extension) provide them with just-in-time guidance to help them make good security decisions about how they use and access SaaS. Push is backed by Decibel Partners. See Push in action at&nbsp;\u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">pushsecurity.com\u003C/a>&nbsp;and follow them on at&nbsp;\u003Ca href=\"https://twitter.com/PushSecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@PushSecurity\u003C/a>.&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cstrong>About Decibel\u003C/strong>\u003C/p>\u003Cp>\u003Ca href=\"http://decibel.vc/\" rel=\"noopener noreferrer\" target=\"_blank\">Decibel\u003C/a>&nbsp;is an independent venture firm, based in Silicon Valley that backs technical founders and helps them find product-market fit and accelerate their business. Decibel invests in early-stage enterprise software companies, with a special focus on Cybersecurity, Developer Platforms, Open Source, and ML and AI Infrastructure and Applications\u003C/p>",{"large":816},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":818,"@type":106,"tagName":131,"properties":819,"responsiveStyles":820},"builder-pixel-nxectnb06jl",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":821},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":823},{"path":37,"query":824},{},{},1745405528284,1745015850859,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0352defeec1a493d921ea072d45d0055",{"kind":225,"breakpoints":830,"lastPreviewUrl":831,"winningTest":118,"originalContentId":541,"hasLinks":6,"hasAutosaves":41},{"small":39,"medium":40},"https://app.dev.pushsecurity.com/news/push-security-announces-4M-Seed-Round?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=ab716a918d7a4962a6edbad4dcae366b&builder.overrides.ab716a918d7a4962a6edbad4dcae366b=ab716a918d7a4962a6edbad4dcae366b&builder.options.includeRefs=true&builder.options.enrich=true",{"folders":833,"createdDate":834,"id":541,"name":835,"modelId":186,"published":13,"meta":836,"query":839,"data":842,"variations":867,"lastUpdated":868,"firstPublished":869,"testRatio":33,"screenshot":870,"createdBy":222,"lastUpdatedBy":222,"rev":274},[],1744918171570,"PR20250415 Chris Tilton New Push CMO",{"hasLinks":6,"kind":225,"lastPreviewUrl":837,"breakpoints":838},"https://app.dev.pushsecurity.com/news/chris-tilton-new-push-cmo?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=19b90d05ba504dac8aa46b58f782d224&builder.overrides.19b90d05ba504dac8aa46b58f782d224=19b90d05ba504dac8aa46b58f782d224&builder.overrides.press-pages:/news/chris-tilton-new-push-cmo=19b90d05ba504dac8aa46b58f782d224&builder.options.includeRefs=true&builder.options.enrich=true",{"small":39,"medium":40},[840],{"@type":162,"property":163,"operator":164,"value":841},"/news/chris-tilton-new-push-cmo",{"themeId":6,"date":843,"image":430,"seoTitle":844,"ogImage":430,"title":845,"seoDescription":844,"blocks":846,"url":841,"state":864},"Tue Apr 15 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","New Push Security CMO","Push Security Welcomes Former Bugcrowd Marketing Leader as Chief Marketing Officer",[847,853,859],{"@type":106,"@version":107,"id":555,"component":848,"responsiveStyles":851},{"name":203,"options":849},{"text":850},"\u003Cp>\u003Cem>Chris Tilton joins Push as it builds on its mission to redefine identity security by securing browser-based identity threat visibility and response\u003C/em>\u003C/p>",{"large":852},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"@type":106,"@version":107,"id":563,"component":854,"responsiveStyles":857},{"name":203,"options":855},{"text":856},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>BOSTON, Mass., April 15, 2025 — Push Security, a pioneer in browser-based identity threat detection and response (ITDR), has appointed Chris Tilton as Chief Marketing Officer (CMO) to bolster its market presence and brand leadership in identity security. Tilton brings over two decades of cybersecurity marketing experience, having held leadership roles at companies such as Bugcrowd, Cobalt.io, and Probely.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\"Push Security is addressing one of the most critical challenges in cybersecurity today: securing identity at the browser level,\" said Tilton. \"The team's innovative approach to identity security aligns with the needs of modern enterprises. I'm excited to lead the marketing efforts that will expand Push's reach and impact in the industry.\"\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>At Bugcrowd, Tilton served as vice president of marketing, where he was instrumental in developing and executing marketing strategies that enhanced brand recognition and drove significant revenue growth. He played a key role in establishing Bugcrowd as a leader in the crowdsourced cybersecurity space.&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Following his tenure at Bugcrowd, Tilton joined Cobalt.io as vice president of marketing, where he led initiatives that contributed to the company's expansion and solidified its position in the penetration testing as a service (PtaaS) market. Most recently as CMO at Probely, Tilton oversaw marketing operations, focusing on automated web application and API vulnerability scanning solutions, and played a significant role in the company’s successful acquisition by Snyk.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\"We are thrilled to welcome Chris to the team at such a pivotal moment for Push,\" said Adam Bateman, CEO of Push Security. \"His extensive experience in cybersecurity marketing and deep understanding of the space will be invaluable as we continue to grow and innovate.\"\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>As the cybersecurity landscape evolves, identity-based attacks are on the rise, making visibility and control over browser-based threats more crucial than ever. Push Security's platform empowers security teams to detect and mitigate identity threats originating in the browser, providing real-time protection against account takeovers, session hijacking, and unauthorized access.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Tilton's appointment comes at a time of significant momentum for Push Security, following recent product enhancements and industry recognition for its advancements in ITDR. His leadership will be instrumental in driving the company's next phase of growth and customer engagement.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>About Push Security\u003C/strong>\u003C/h4>\u003Cp>Push Security stops identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",{"large":858},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"lineHeight":208,"height":209},{"id":860,"@type":106,"tagName":131,"properties":861,"responsiveStyles":862},"builder-pixel-6rxicomj2ns",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":863},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":865},{"path":37,"query":866},{},{},1745458912170,1744918676903,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe34a237ef15c48d3a72b9eb0f3e294a2",[872,1052,1171,1290,1408,1528,1648,1768],{"createdDate":873,"id":874,"name":875,"modelId":876,"published":13,"stageModifiedSincePublish":6,"query":877,"data":880,"variations":1041,"lastUpdated":1042,"firstPublished":1043,"testRatio":33,"screenshot":1044,"createdBy":34,"lastUpdatedBy":1045,"folders":1046,"meta":1047,"rev":1051},1744829487099,"387451215c314dd5bd654668cdc1a197","Zero-day phishing","cca4143377554c5a9163cc203a8ed2ba",[878],{"@type":162,"property":163,"operator":164,"value":879},"/uc/zero-day-phishing-protection",{"inputs":881,"customFonts":882,"seoTitle":930,"title":930,"tsCode":37,"seoDescription":931,"fontAwesomeIcon":932,"jsCode":37,"blocks":933,"url":879,"state":1038},[],[883],{"family":884,"kind":885,"version":886,"lastModified":887,"files":888,"category":907,"menu":908,"subsets":909,"variants":912},"DM Sans","webfonts#webfont","v14","2023-07-13",{"100":889,"200":890,"300":891,"500":892,"600":893,"700":894,"800":895,"900":896,"800italic":897,"900italic":898,"700italic":899,"100italic":900,"italic":901,"regular":902,"200italic":903,"500italic":904,"300italic":905,"600italic":906},"https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAop1hTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAIpxhTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwA_JxhTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAkJxhTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAfJthTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwARZthTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAIpthTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAC5thTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat8JCm3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat8gCm3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat9uCm3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat-JDG3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat-JDW3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxhTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat8JDW3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat-7DW3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat_XDW3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat9XCm3zRmYJpso5.ttf","sans-serif","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRT23z.ttf",[910,911],"latin","latin-ext",[913,914,915,916,917,918,128,919,920,921,922,923,924,925,926,927,928,929],"100","200","300","regular","500","600","800","900","100italic","200italic","300italic","italic","500italic","600italic","700italic","800italic","900italic","Zero-day phishing protection","Detect phishing TTPs directly in the browser and stop credential theft.","faFishingRod",[934,1033],{"@type":106,"@version":107,"tagName":935,"id":936,"children":937},"div","builder-76c6b8d1499346c7bc1fd56ae4e93638",[938,955,963,970,982,997,1008,1019,1025],{"@type":106,"@version":107,"layerName":939,"id":940,"component":941,"responsiveStyles":952},"UseCaseHero","builder-5228fe062bef4a40a91e43f1112832fa",{"name":939,"options":942,"isRSC":118},{"title":930,"description":943,"points":944,"video":951},"\u003Cp>Push detects phishing as it happens. Autonomous agents hunt for new phishing techniques, identify kit signatures, and deploy detections within minutes of a new attack being analyzed. From cloned login pages to AiTM credential harvesting, Push sees what traditional filters miss and stops threats before they escalate.\u003C/p>",[945,947,949],{"item":946},"Detect phishing that bypasses traditional filters, including AiTM, SSO password theft, and fake login pages",{"item":948},"Stop never-before-seen attacks with AI-native behavioral and on-page analysis inside the browser",{"item":950},"Investigate faster with unified browser, user, and page context","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F40433ceeb4f94b43a82e039a0f4fd411%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=40433ceeb4f94b43a82e039a0f4fd411&alt=media&optimized=true",{"large":953},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":954},"transparent",{"@type":106,"@version":107,"id":956,"component":957,"responsiveStyles":960},"builder-96634044407e491299e291ed64669e39",{"name":958,"options":959,"isRSC":118},"TrustedBy",{"AllPartners":41,"backgroundTransparent":6},{"large":961},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":962},"#000",{"@type":106,"@version":107,"id":964,"component":965,"responsiveStyles":968},"builder-2c3768f930534557bb8978e32b6a6a0f",{"name":966,"options":967,"isRSC":118},"Diagonal",{"darkMode":41},{"large":969},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"layerName":971,"id":972,"component":973,"responsiveStyles":980},"TextImageBlockVertical","builder-7c3c1c2840424db2ad2ccbfaf382dd64",{"name":971,"tag":971,"options":974,"isRSC":118},{"darkMode":6,"maxWidth":975,"maxTextWidth":976,"title":977,"description":978,"animatedTitle":37,"image":979,"reverse":6,"descriptionPaddingHorizontal":118},1200,800,"\u003Ch2>Why stop at the inbox?\u003C/h2>","\u003Cp>Phishing attacks have evolved. Whether attackers lure users with QR codes, instant messages, or OAuth consent screens, the outcome is the same: it plays out in the browser. Push gives you real-time detection for in-browser threats, stopping phishing and consent-based attacks before they lead to compromise\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7fdcac241f0e4a049166d7076858adeb",{"large":981},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":983,"component":984,"responsiveStyles":992},"builder-41c978b3669749cf947e622b4e79e4d7",{"name":985,"options":986,"isRSC":118},"TextImageBlockHorizontal",{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":988,"title":989,"description":990,"reverse":41,"image":991},600,100,"\u003Cp>Detect phishing at the edge\u003C/p>","\u003Cp>Push uses industry-first telemetry to detect phishing based on behavior, not static indicators. Autonomous agents analyze how phishing pages behave and how users interact with them, uncovering fake logins, credential theft, and phishing kits the moment they load in the browser.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F9df3d180c97b4e61af142af2ccd68721",{"large":993},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":994,"paddingTop":995,"marginTop":996},"DM Sans, sans-serif","20px","0px",{"@type":106,"@version":107,"id":998,"component":999,"responsiveStyles":1005},"builder-d2a7bc941feb43cdb898bc116b203cf9",{"name":985,"options":1000,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1001,"title":1002,"description":1003,"reverse":6,"image":1004},120,"\u003Ch2>Go beyond blocklists and IOCs\u003C/h2>","\u003Cp>Push goes beyond URLs and easy-to-change indicators. It reads the full phishing playbook like script behavior, session hijacks, DOM changes, user inputs, then connects the dots in real time. This gives your team a complete picture of how the phishing attempt worked, not just an alert.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fabfd58db169b433e96d3f1261797156e",{"large":1006},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1007},"36px",{"@type":106,"@version":107,"layerName":985,"id":1009,"component":1010,"responsiveStyles":1016},"builder-42c32198083f4880acb37c5cb76934da",{"name":985,"options":1011,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1012,"title":1013,"description":1014,"reverse":41,"image":1015},140,"\u003Ch2>Enhance your phishing response\u003C/h2>","\u003Cp>When phishing enters your environment, speed matters. Push gives you instant access to the telemetry that counts like session data, user behavior, and page activity, so you can investigate fast, trigger in-browser prompts, or forward alerts to your SIEM or SOAR for response. All in real time, right from the browser.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fbb195aec46904056b85e8688629e558e",{"large":1017},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1018},"47px",{"@type":106,"@version":107,"id":1020,"component":1021,"responsiveStyles":1023},"builder-9a95b9cbc4854421a92ef7b90f6c7adb",{"name":966,"options":1022,"isRSC":118},{"darkMode":6},{"large":1024},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1026,"component":1027,"responsiveStyles":1031},"builder-0afa17a9f25c4661a90f314d5578aa18",{"name":1028,"tag":1028,"options":1029,"isRSC":118},"LatestResources",{"sectionHeading":37,"customClass":1030},"bg-black",{"large":1032},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":1034,"@type":106,"tagName":131,"properties":1035,"responsiveStyles":1036},"builder-pixel-h6onu0ubr9",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":1037},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":1039},{"path":37,"query":1040},{},{},1776275046831,1745499158657,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fff60c30a8442489c8ed7e0af9599d14f","kYgMv6WsbvfmlOUYqR2SFwGzw6e2",[],{"lastPreviewUrl":1048,"winningTest":118,"breakpoints":1049,"kind":225,"hasLinks":6,"originalContentId":1050,"hasAutosaves":6},"https://pushsecurity.com/uc/zero-day-phishing-protection?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=387451215c314dd5bd654668cdc1a197&builder.overrides.387451215c314dd5bd654668cdc1a197=387451215c314dd5bd654668cdc1a197&builder.overrides.use-case-page:/uc/zero-day-phishing-protection=387451215c314dd5bd654668cdc1a197&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},"2daa5670b8504fc7ba4700633e8bd921","wjcv5yvqyja",{"createdDate":1053,"id":1054,"name":1055,"modelId":876,"published":13,"stageModifiedSincePublish":6,"query":1056,"data":1059,"variations":1163,"lastUpdated":1164,"firstPublished":1165,"testRatio":33,"screenshot":1166,"createdBy":34,"lastUpdatedBy":1045,"folders":1167,"meta":1168,"rev":1051},1756833377777,"54f8256648f54d439303734b1e69221b","Browser extension security",[1057],{"@type":162,"property":163,"operator":164,"value":1058},"/uc/browser-extension-security",{"seoDescription":1060,"jsCode":37,"fontAwesomeIcon":1061,"tsCode":37,"title":1055,"seoTitle":1055,"customFonts":1062,"inputs":1067,"blocks":1068,"url":1058,"state":1160},"Shine a light on risky browser extensions.","faPuzzlePiece",[1063],{"kind":885,"family":884,"version":886,"files":1064,"category":907,"lastModified":887,"subsets":1065,"variants":1066,"menu":908},{"100":889,"200":890,"300":891,"500":892,"600":893,"700":894,"800":895,"900":896,"100italic":900,"italic":901,"regular":902,"900italic":898,"800italic":897,"700italic":899,"200italic":903,"300italic":905,"500italic":904,"600italic":906},[910,911],[913,914,915,916,917,918,128,919,920,921,922,923,924,925,926,927,928,929],[],[1069,1155],{"@type":106,"@version":107,"tagName":935,"id":1070,"meta":1071,"children":1072},"builder-71d0648c1d2f4ede8d0d0b5b28b7b94c",{"previousId":936},[1073,1089,1096,1103,1112,1122,1132,1142,1149],{"@type":106,"@version":107,"id":1074,"meta":1075,"component":1076,"responsiveStyles":1087},"builder-ff325b4b8fad4edea53f38865947e854",{"previousId":940},{"name":939,"options":1077,"isRSC":118},{"title":1055,"description":1078,"points":1079,"video":1086},"\u003Cp>Browser extensions introduce new code, new permissions, and new potential for risk. Many include AI features, and most go completely unnoticed. Push gives you full visibility into every extension used across your workforce, across major browsers, so you can uncover shadow IT, assess risky permissions, and block unsafe tools before they lead to compromise.\u003C/p>",[1080,1082,1084],{"item":1081},"Discover every browser extension in use",{"item":1083},"Spot risky or unsanctioned behavior",{"item":1085},"Make informed decisions on extension policy","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fc538aad95d7f403aa3c3551af72f67c0?alt=media&token=1411fa6d-2eac-4e6c-94bf-ea117da12d67&apiKey=f3a1111ff5be48cdbb123cd9f5795a05",{"large":1088},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":954},{"@type":106,"@version":107,"id":1090,"meta":1091,"component":1092,"responsiveStyles":1094},"builder-fb89d128c64e47cf9cbb11d90fc24523",{"previousId":956},{"name":958,"options":1093,"isRSC":118},{"AllPartners":41,"backgroundTransparent":6},{"large":1095},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":962},{"@type":106,"@version":107,"id":1097,"meta":1098,"component":1099,"responsiveStyles":1101},"builder-54388d35126c4d0096eeebaf8c4448cd",{"previousId":964},{"name":966,"options":1100,"isRSC":118},{"darkMode":41},{"large":1102},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"layerName":971,"id":1104,"component":1105,"responsiveStyles":1110},"builder-3c8fa6785dd6466abf52a2470d66d85a",{"name":971,"tag":971,"options":1106,"isRSC":118},{"darkMode":6,"maxWidth":975,"maxTextWidth":976,"title":1107,"description":1108,"image":1109,"reverse":6},"\u003Ch2>Take control of browser extensions\u003C/h2>","\u003Cp>Attackers are increasingly using malicious browser extensions to gain access to data processed and stored in the browser. And the problem is, most security teams have no visibility into what extensions are being used. Push changes that. With browser-native telemetry, the Push extension continuously inventories browser extensions across your environment, flags the risky ones, and gives you intelligence to act.&nbsp;\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0a004f16a6874f4c8fdf14344acc9fec",{"large":1111},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1113,"meta":1114,"component":1115,"responsiveStyles":1120},"builder-93738f98109a4009affb349afd7bb182",{"previousId":983},{"name":985,"options":1116,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":988,"title":1117,"description":1118,"reverse":41,"image":1119},"\u003Ch2>Discover every extension in use\u003C/h2>","\u003Cp>Push gives you structured, searchable data about every extension in your environment, so you’re not just seeing what’s there, but also understanding how it got there, what it can do, and who it affects. It’s the kind of granular insight that’s nearly impossible to get from traditional tools, and it lays the groundwork for better policy decisions and faster investigations.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0e5727ca99474f14b1b7916bf6bbb782",{"large":1121},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":994,"paddingTop":995,"marginTop":996},{"@type":106,"@version":107,"id":1123,"meta":1124,"component":1125,"responsiveStyles":1130},"builder-83393acb12ee4fdd840839185b51edb4",{"previousId":998},{"name":985,"options":1126,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1001,"title":1127,"description":1128,"reverse":6,"image":1129},"\u003Ch2>Spot risky or malicious extensions\u003C/h2>","\u003Cp>Push highlights extensions with dangerous permissions, broad access, or poor reputations. This includes AI extensions that request access far beyond what their stated purpose requires. You can quickly detect sideloaded, manually installed, or development-mode extensions that bypass normal controls. And because Push shows you who’s using them and where, you can respond precisely and effectively.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fa104d58c8da34fbb8901f738fb21453b",{"large":1131},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1007},{"@type":106,"@version":107,"layerName":985,"id":1133,"meta":1134,"component":1135,"responsiveStyles":1140},"builder-da98e3de949646d89c53a0d1c2784664",{"previousId":1009},{"name":985,"options":1136,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1012,"title":1137,"description":1138,"reverse":41,"image":1139},"\u003Ch2>Accelerate security reviews\u003C/h2>","\u003Cp>Most teams have extension policies, they just don’t have the data to enforce them. Push reveals how each extension entered your environment, whether it was installed manually, sideloaded, or deployed in dev mode. You’ll see which users are running what, and where, so you can surface violations, investigate quickly, and respond with confidence.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F229f355be6f243b180f410d237a75bb3",{"large":1141},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1018},{"@type":106,"@version":107,"id":1143,"meta":1144,"component":1145,"responsiveStyles":1147},"builder-1a689287d1a1418997d57db578a71105",{"previousId":1020},{"name":966,"options":1146,"isRSC":118},{"darkMode":6},{"large":1148},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1150,"component":1151,"responsiveStyles":1153},"builder-feb4e75029f84c10b6498ef1f8f79128",{"name":1028,"tag":1028,"options":1152,"isRSC":118},{"sectionHeading":37,"customClass":1030},{"large":1154},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":1156,"@type":106,"tagName":131,"properties":1157,"responsiveStyles":1158},"builder-pixel-jc4lv2mnufo",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":1159},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":1161},{"path":37,"query":1162},{},{},1776275365038,1757000441666,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8d496cf111644ee5afcc046b72d1ca5a",[],{"kind":225,"winningTest":118,"breakpoints":1169,"lastPreviewUrl":1170,"hasLinks":6,"originalContentId":874,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},"https://pushsecurity.com/uc/browser-extension-security?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=54f8256648f54d439303734b1e69221b&builder.overrides.54f8256648f54d439303734b1e69221b=54f8256648f54d439303734b1e69221b&builder.overrides.use-case-page:/uc/browser-extension-security=54f8256648f54d439303734b1e69221b&builder.options.locale=Default",{"createdDate":1172,"id":1173,"name":1174,"modelId":876,"published":13,"query":1175,"data":1178,"variations":1281,"lastUpdated":1282,"firstPublished":1283,"testRatio":33,"screenshot":1284,"createdBy":34,"lastUpdatedBy":1285,"folders":1286,"meta":1287,"rev":1051},1744923509705,"94bebb7bb99d48629ad157e80cf4d81d","Account takeover detection",[1176],{"@type":162,"property":163,"operator":164,"value":1177},"/uc/account-takeover-detection",{"title":1174,"customFonts":1179,"jsCode":37,"seoTitle":1174,"seoDescription":1184,"fontAwesomeIcon":1185,"tsCode":37,"blocks":1186,"url":1177,"state":1278},[1180],{"kind":885,"category":907,"variants":1181,"menu":908,"files":1182,"family":884,"subsets":1183,"version":886,"lastModified":887},[913,914,915,916,917,918,128,919,920,921,922,923,924,925,926,927,928,929],{"100":889,"200":890,"300":891,"500":892,"600":893,"700":894,"800":895,"900":896,"300italic":905,"500italic":904,"800italic":897,"700italic":899,"italic":901,"900italic":898,"600italic":906,"200italic":903,"regular":902,"100italic":900},[910,911],"Stop ATO with stolen credential and compromised token detection.","faUserSecret",[1187,1273],{"@type":106,"@version":107,"tagName":935,"id":1188,"meta":1189,"children":1190},"builder-e7913a774cae44c5a23d6081c5c30a52",{"previousId":936},[1191,1207,1214,1221,1230,1240,1250,1260,1267],{"@type":106,"@version":107,"id":1192,"meta":1193,"component":1194,"responsiveStyles":1205},"builder-f1f1ab1601bc4c0f8c2a8aafd173675d",{"previousId":940},{"name":939,"options":1195,"isRSC":118},{"title":1174,"description":1196,"points":1197,"video":1204},"\u003Cp>Attackers don’t need to phish, they just need a password that works. Push monitors for signs of credential-based attacks in real time, directly in the browser, catching account takeover attempts before the damage spreads. From ghost logins to credential stuffing, Push cuts off the paths attackers use to quietly slip in the back door.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",[1198,1200,1202],{"item":1199},"Identify credential-based ATO as it unfolds",{"item":1201},"Surface hijacked sessions and token misuse",{"item":1203},"Strengthen authentication where your IdP can’t","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb4dd9db24bc9495b8a686b1b4d492016%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=b4dd9db24bc9495b8a686b1b4d492016&alt=media&optimized=true",{"large":1206},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":954},{"@type":106,"@version":107,"id":1208,"meta":1209,"component":1210,"responsiveStyles":1212},"builder-0bc0d1c78ece4994993c3a6427a4d533",{"previousId":956},{"name":958,"options":1211,"isRSC":118},{"AllPartners":41,"backgroundTransparent":6},{"large":1213},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":962},{"@type":106,"@version":107,"id":1215,"meta":1216,"component":1217,"responsiveStyles":1219},"builder-e45de8f3768c4f16938dbf78e4e87524",{"previousId":964},{"name":966,"options":1218,"isRSC":118},{"darkMode":41},{"large":1220},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1222,"component":1223,"responsiveStyles":1228},"builder-c98e8bfd341146c1b67c02d5698ff093",{"name":971,"tag":971,"options":1224,"isRSC":118},{"darkMode":6,"maxWidth":975,"maxTextWidth":976,"title":1225,"description":1226,"image":1227,"reverse":6},"\u003Ch2>Assume less. See more.\u003C/h2>","\u003Cp>Most account takeovers don’t start with a breach, they start with a login. Whether it’s a reused password, a local account, or an outdated login flow, Push shows you how accounts are actually accessed day to day, not just how policies say they should be. That means no more blind spots around ghost logins, bypassed SSO, or stale access paths that quietly persist.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F18630ad2746d4eb7b7fcc0428b11a8f0",{"large":1229},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1231,"meta":1232,"component":1233,"responsiveStyles":1238},"builder-55c1fc38ddc04fd1a0d6a8e2fb819e00",{"previousId":983},{"name":985,"options":1234,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":988,"title":1235,"description":1236,"reverse":41,"image":1237},"\u003Ch2>Catch stolen credential use in real time\u003C/h2>","\u003Cp>Push monitors login activity directly in the browser to detect signs of credential-based attacks like leaked password use or suspicious login flows. By analyzing attacker TTPs instead of relying on known indicators, Push spots credential stuffing and account takeover attempts the moment they begin, not after they’ve succeeded.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F52b0123cac2c4dfdb1dc0af6adf9d603",{"large":1239},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":994,"paddingTop":996,"marginTop":996},{"@type":106,"@version":107,"id":1241,"meta":1242,"component":1243,"responsiveStyles":1248},"builder-dfb31737b30948c6b95323655d571a50",{"previousId":998},{"name":985,"options":1244,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1001,"title":1245,"description":1246,"reverse":6,"image":1247},"\u003Ch2>Detect session hijacks and stealth access\u003C/h2>","\u003Cp>Attackers don’t always need a login screen, they often sidestep it entirely using stolen session tokens. Push detects when valid sessions are reused in unexpected ways, identifying hijacked sessions and stealth access attempts that traditional tools miss. Because we monitor directly in the browser, you see what’s happening inside active sessions in real time.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F94a6859a99e04d309ffe5841f3dbdf5c",{"large":1249},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1007},{"@type":106,"@version":107,"layerName":985,"id":1251,"meta":1252,"component":1253,"responsiveStyles":1258},"builder-f7585b90eb974d03a7dc7eae5b58d227",{"previousId":1009},{"name":985,"options":1254,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1012,"title":1255,"description":1256,"reverse":41,"image":1257},"\u003Ch2>Harden accounts before they’re compromised\u003C/h2>","\u003Cp>Push goes beyond alerts. It identifies apps that still allow local logins, even when SSO is configured, so you can remove weak access paths. Push also flags users without MFA, reused work credentials, or weak passwords, and prompts users in-browser to fix risky behaviors before they’re exploited.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F01c1b638f1b6497093a4f2b8ceddb5bb",{"large":1259},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1018},{"@type":106,"@version":107,"id":1261,"meta":1262,"component":1263,"responsiveStyles":1265},"builder-ad81d1e3afec49a791214194eae09bdc",{"previousId":1020},{"name":966,"options":1264,"isRSC":118},{"darkMode":6},{"large":1266},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1268,"component":1269,"responsiveStyles":1271},"builder-8dac1aa4b9d148628d92252bd8eff822",{"name":1028,"tag":1028,"options":1270,"isRSC":118},{"sectionHeading":37,"customClass":1030},{"large":1272},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":1274,"@type":106,"tagName":131,"properties":1275,"responsiveStyles":1276},"builder-pixel-bp9ni6h4vze",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":1277},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":1279},{"path":37,"query":1280},{},{},1770892814499,1745499162732,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F58b660fa94aa4b30b0faeb9b663ae41a","SfUPqW5tkibIPby49keNFMdHFTr1",[],{"lastPreviewUrl":1288,"hasLinks":6,"originalContentId":874,"breakpoints":1289,"winningTest":118,"kind":225,"hasAutosaves":41},"https://pushsecurity.com/uc/account-takeover-detection?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=94bebb7bb99d48629ad157e80cf4d81d&builder.overrides.94bebb7bb99d48629ad157e80cf4d81d=94bebb7bb99d48629ad157e80cf4d81d&builder.overrides.use-case-page:/uc/account-takeover-detection=94bebb7bb99d48629ad157e80cf4d81d&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},{"createdDate":1291,"id":1292,"name":1293,"modelId":876,"published":13,"query":1294,"data":1297,"variations":1400,"lastUpdated":1401,"firstPublished":1402,"testRatio":33,"screenshot":1403,"createdBy":34,"lastUpdatedBy":1285,"folders":1404,"meta":1405,"rev":1051},1745009370904,"23eb48fb56d3451cab77cb6ed140ee6d","Attack path hardening",[1295],{"@type":162,"property":163,"operator":164,"value":1296},"/uc/attack-path-hardening",{"tsCode":37,"seoDescription":1298,"jsCode":37,"customFonts":1299,"fontAwesomeIcon":1304,"seoTitle":1293,"title":1293,"blocks":1305,"url":1296,"state":1397},"Harden access paths with visibility,  detection, and guardrails.",[1300],{"kind":885,"files":1301,"version":886,"lastModified":887,"subsets":1302,"menu":908,"category":907,"variants":1303,"family":884},{"100":889,"200":890,"300":891,"500":892,"600":893,"700":894,"800":895,"900":896,"regular":902,"italic":901,"800italic":897,"500italic":904,"600italic":906,"200italic":903,"900italic":898,"700italic":899,"100italic":900,"300italic":905},[910,911],[913,914,915,916,917,918,128,919,920,921,922,923,924,925,926,927,928,929],"faRadar",[1306,1392],{"@type":106,"@version":107,"tagName":935,"id":1307,"meta":1308,"children":1309},"builder-1d8553eddcaa44d7bba9e2f4ca13af2a",{"previousId":1188},[1310,1326,1333,1340,1349,1359,1369,1379,1386],{"@type":106,"@version":107,"id":1311,"meta":1312,"component":1313,"responsiveStyles":1324},"builder-84fe3d7c85a743cf8cef649aa974f1ef",{"previousId":1192},{"name":939,"options":1314,"isRSC":118},{"title":1293,"description":1315,"points":1316,"video":1323},"\u003Cp>Push continuously monitors your environment for exposed login paths, weak credentials, and missing protections like MFA. It detects the gaps attackers exploit and helps you close them before they’re used.\u003C/p>",[1317,1319,1321],{"item":1318},"Find weak spots like reused passwords, local logins, and missing MFA",{"item":1320},"Monitor how users actually log in across apps, flows, and tools",{"item":1322},"Enforce secure access with in-browser guardrails","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fdbdcf52892034f1bbddded77f753a343%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=dbdcf52892034f1bbddded77f753a343&alt=media&optimized=true",{"large":1325},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":954},{"@type":106,"@version":107,"id":1327,"meta":1328,"component":1329,"responsiveStyles":1331},"builder-b3f66f5b08054cc78a06fecfc3ae2337",{"previousId":1208},{"name":958,"options":1330,"isRSC":118},{"AllPartners":41,"backgroundTransparent":6},{"large":1332},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":962},{"@type":106,"@version":107,"id":1334,"meta":1335,"component":1336,"responsiveStyles":1338},"builder-4c73418b84be49ed85e6e13d2625c5a0",{"previousId":1215},{"name":966,"options":1337,"isRSC":118},{"darkMode":41},{"large":1339},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1341,"component":1342,"responsiveStyles":1347},"builder-dec0246085e1485c803f7152b1922a81",{"name":971,"tag":971,"options":1343,"isRSC":118},{"darkMode":6,"maxWidth":975,"maxTextWidth":976,"title":1344,"description":1345,"image":1346,"reverse":6},"\u003Ch2>Find the gaps that lead to compromise\u003C/h2>","\u003Cp>Misconfigurations don’t show up in your config files, they show up in how users actually access apps. Push monitors real login behavior in the browser, surfacing risky patterns like local login access, duplicate accounts, or missing protections that leave doors wide open.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F309a59bba8d247a19476bb369397460e",{"large":1348},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1350,"meta":1351,"component":1352,"responsiveStyles":1357},"builder-ebf049a645604a249550996a88f8f3b6",{"previousId":1231},{"name":985,"options":1353,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":988,"title":1354,"description":1355,"reverse":41,"image":1356},"\u003Ch2>See real login behavior\u003C/h2>","\u003Cp>Push watches authentication flows as they happen, giving you a live view of how users log in, which methods they choose, and where protections like MFA are missing. Plus, uncover every app and account in use, even shadow IT you didn’t know existed, without relying on stale config files or IdP assumptions. \u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb51f6b0357cc451b87a7a5016d984e5e",{"large":1358},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":994,"paddingTop":995,"marginTop":996},{"@type":106,"@version":107,"id":1360,"meta":1361,"component":1362,"responsiveStyles":1367},"builder-431d175c59004669b0b2776b07d71737",{"previousId":1241},{"name":985,"options":1363,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1001,"title":1364,"description":1365,"reverse":6,"image":1366},"\u003Ch2>Find and fix posture drift\u003C/h2>","\u003Cp>Security posture isn’t static. Push continuously monitors for issues like missing MFA or legacy login methods. When something falls out of policy, you know immediately with custom notifications so you can act before it turns into risk.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F324e39127dfc41e592b1183dfb39892d",{"large":1368},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1007},{"@type":106,"@version":107,"layerName":985,"id":1370,"meta":1371,"component":1372,"responsiveStyles":1377},"builder-3dffdcbe0a484e2ca4c03f019b6d40ee",{"previousId":1251},{"name":985,"options":1373,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1012,"title":1374,"description":1375,"reverse":41,"image":1376},"\u003Ch2>Guide users with in-browser guardrails\u003C/h2>","\u003Cp>Push doesn’t just surface problems, it helps you fix them. When users sign in without MFA, reuse a password, or use insecure credentials, Push prompts them directly in the browser to secure their access. It’s faster, more effective, and actually gets results.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fee8b75d13e45488aba55434a8b49ebb0",{"large":1378},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1018},{"@type":106,"@version":107,"id":1380,"meta":1381,"component":1382,"responsiveStyles":1384},"builder-976bc222cd7647ff905f1e01cfedc453",{"previousId":1261},{"name":966,"options":1383,"isRSC":118},{"darkMode":6},{"large":1385},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1387,"component":1388,"responsiveStyles":1390},"builder-8c47ec2fd0f74382bb3e6c870555632c",{"name":1028,"tag":1028,"options":1389,"isRSC":118},{"sectionHeading":37,"customClass":1030},{"large":1391},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":1393,"@type":106,"tagName":131,"properties":1394,"responsiveStyles":1395},"builder-pixel-hqgadf1h59w",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":1396},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":1398},{"path":37,"query":1399},{},{},1770892844854,1745499166112,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F6ca12bf728a045f1a31d40c0beb3bfe5",[],{"kind":225,"lastPreviewUrl":1406,"breakpoints":1407,"hasLinks":6,"originalContentId":1173,"winningTest":118,"hasAutosaves":6},"https://pushsecurity.com/uc/attack-path-hardening?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=23eb48fb56d3451cab77cb6ed140ee6d&builder.overrides.23eb48fb56d3451cab77cb6ed140ee6d=23eb48fb56d3451cab77cb6ed140ee6d&builder.overrides.use-case-page:/uc/attack-path-hardening=23eb48fb56d3451cab77cb6ed140ee6d&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},{"createdDate":1409,"id":1410,"name":1411,"modelId":876,"published":13,"query":1412,"data":1415,"variations":1520,"lastUpdated":1521,"firstPublished":1522,"testRatio":33,"screenshot":1523,"createdBy":34,"lastUpdatedBy":1285,"folders":1524,"meta":1525,"rev":1051},1761675020232,"ea4f309d2ffe46c5aa97ebf0fda4e2e3","ClickFix Protection",[1413],{"@type":162,"property":163,"operator":164,"value":1414},"/uc/clickfix-protection",{"seoDescription":1416,"fontAwesomeIcon":1417,"customFonts":1418,"seoTitle":1423,"jsCode":37,"tsCode":37,"title":1423,"blocks":1424,"url":1414,"state":1517},"Block attacks that trick users into running malicious code.","faLaptopCode",[1419],{"files":1420,"subsets":1421,"menu":908,"version":886,"kind":885,"family":884,"lastModified":887,"variants":1422,"category":907},{"100":889,"200":890,"300":891,"500":892,"600":893,"700":894,"800":895,"900":896,"200italic":903,"800italic":897,"700italic":899,"600italic":906,"100italic":900,"italic":901,"regular":902,"300italic":905,"500italic":904,"900italic":898},[910,911],[913,914,915,916,917,918,128,919,920,921,922,923,924,925,926,927,928,929],"ClickFix protection",[1425,1512],{"@type":106,"@version":107,"tagName":935,"id":1426,"meta":1427,"children":1428},"builder-d7eefdde0f2a4b2b9de3dcb2978fd6cb",{"previousId":1307},[1429,1445,1452,1459,1469,1479,1489,1499,1506],{"@type":106,"@version":107,"id":1430,"meta":1431,"component":1432,"responsiveStyles":1443},"builder-56e2c54bcce040a4af8b92ae03706c12",{"previousId":1311},{"name":939,"options":1433,"isRSC":118},{"title":1423,"description":1434,"points":1435,"image":1442},"\u003Cp>ClickFix attacks are one of the fastest-growing threats, tricking users into copying malicious code from a webpage and running it locally. This technique bypasses traditional EDR, email gateways, and network filters, leading directly to ransomware and data theft. Push stops this attack at the source, in the browser, by detecting and blocking the malicious behavior before the user can ever paste the code.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",[1436,1438,1440],{"item":1437},"Detect ClickFix, FileFix, and fake CAPTCHA in the browser",{"item":1439},"Block malicious copy-and-paste actions before code is executed",{"item":1441},"See full telemetry into which users were targeted and what they saw","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7b74af62889847ebb3927364485b0546",{"large":1444},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":954},{"@type":106,"@version":107,"id":1446,"meta":1447,"component":1448,"responsiveStyles":1450},"builder-05f9614d4e3e4dc88b3ee8658f54e10e",{"previousId":1327},{"name":958,"options":1449,"isRSC":118},{"AllPartners":41,"backgroundTransparent":6},{"large":1451},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":962},{"@type":106,"@version":107,"id":1453,"meta":1454,"component":1455,"responsiveStyles":1457},"builder-c4fb5179366243c1b6c32d368675cf47",{"previousId":1334},{"name":966,"options":1456,"isRSC":118},{"darkMode":41},{"large":1458},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1460,"meta":1461,"component":1462,"responsiveStyles":1467},"builder-261af50705fd445d8cca4a6ba20d5391",{"previousId":1341},{"name":971,"tag":971,"options":1463,"isRSC":118},{"darkMode":6,"maxWidth":975,"maxTextWidth":976,"title":1464,"description":1465,"reverse":6,"image":1466},"\u003Ch2>Stop ClickFix-style attacks before they become a breach\u003C/h2>","\u003Cp>Traditional security tools are blind to malicious copy and paste attacks because the attack exploits a gap between the browser and the endpoint. EDR only sees the payload after it runs, and network tools see only part of the picture.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F98b2f7e08dec4eafaf8e24937605b8cf",{"large":1468},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1470,"meta":1471,"component":1472,"responsiveStyles":1477},"builder-7d21b8aab8064c40b1e5dd23c4749309",{"previousId":1350},{"name":985,"options":1473,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":988,"title":1474,"description":1475,"reverse":41,"image":1476},"\u003Ch2>Discover lures at the source\u003C/h2>","\u003Cp>Push inspects page behavior to identify ClickFix attacks as they happen. By inspecting the page, its structure, and how the user interacts with it, Push can detect and block these in-browser threats in real time. This deep, TTP-based inspection spots the trap even on novel pages that are built to bypass traditional web filters and blocklists.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F665bf47e01544c75bf9ddafd3917927b",{"large":1478},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":994,"paddingTop":995,"marginTop":996},{"@type":106,"@version":107,"id":1480,"meta":1481,"component":1482,"responsiveStyles":1487},"builder-fb91943adf6149259ed9e1e6566c9afe",{"previousId":1360},{"name":985,"options":1483,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1001,"title":1484,"description":1485,"reverse":6,"image":1486},"\u003Ch2>Block the malicious action\u003C/h2>","\u003Cp>When Push detects a malicious script, it intercepts the user's action and blocks the code from being copied to the clipboard. The user is protected, the attack is stopped, and no malicious code ever reaches the endpoint. Unlike broad DLP tools, this action is surgical, targeting only malicious behavior without disrupting normal work.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F5ee68f81f1ac416685cbfe91298cf827",{"large":1488},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1007},{"@type":106,"@version":107,"layerName":985,"id":1490,"meta":1491,"component":1492,"responsiveStyles":1497},"builder-bfac95fada864e5a8259b955b5b5f98b",{"previousId":1370},{"name":985,"options":1493,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1012,"title":1494,"description":1495,"reverse":41,"image":1496},"\u003Ch2>Accelerate ClickFix investigations\u003C/h2>","\u003Cp>When an attack happens, knowing what the user saw or did is critical. Push provides rich browser session data for rapid investigation and containment. Security teams get detailed telemetry on which users were targeted, what lure they were served, and when the block occurred. This enables defenders to reconstruct what happened and respond quickly, even when other tools miss the activity entirely.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F6cdf2a8aeddc4e9a9023cbf974e40239",{"large":1498},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1018},{"@type":106,"@version":107,"id":1500,"meta":1501,"component":1502,"responsiveStyles":1504},"builder-136892e831684a6987f87d3be67c33d1",{"previousId":1380},{"name":966,"options":1503,"isRSC":118},{"darkMode":6},{"large":1505},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1507,"component":1508,"responsiveStyles":1510},"builder-dec26b739f2f42beb5a73cfc6c675b60",{"name":1028,"tag":1028,"options":1509,"isRSC":118},{"sectionHeading":37,"customClass":1030},{"large":1511},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":1513,"@type":106,"tagName":131,"properties":1514,"responsiveStyles":1515},"builder-pixel-jb7i4u6v2mk",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":1516},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":1518},{"path":37,"query":1519},{},{},1770892881888,1761847585203,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F375467b8bef34ed1a8a1cc5b8b67d75f",[],{"lastPreviewUrl":1526,"originalContentId":1292,"winningTest":118,"hasLinks":6,"kind":225,"breakpoints":1527,"hasAutosaves":6},"https://pushsecurity.com/uc/clickfix-protection?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=ea4f309d2ffe46c5aa97ebf0fda4e2e3&builder.overrides.ea4f309d2ffe46c5aa97ebf0fda4e2e3=ea4f309d2ffe46c5aa97ebf0fda4e2e3&builder.overrides.use-case-page:/uc/clickfix-protection=ea4f309d2ffe46c5aa97ebf0fda4e2e3&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},{"createdDate":1529,"id":1530,"name":1531,"modelId":876,"published":13,"query":1532,"data":1535,"variations":1640,"lastUpdated":1641,"firstPublished":1642,"testRatio":33,"screenshot":1643,"createdBy":34,"lastUpdatedBy":1285,"folders":1644,"meta":1645,"rev":1051},1745009743870,"a9d5556e77f84a37b5bd52310a7110c1","Incident response",[1533],{"@type":162,"property":163,"operator":164,"value":1534},"/uc/incident-response",{"seoDescription":1536,"customFonts":1537,"title":1531,"jsCode":37,"fontAwesomeIcon":1542,"seoTitle":1543,"tsCode":37,"blocks":1544,"url":1534,"state":1637},"Investigate and respond faster with unique browser telemetry.",[1538],{"kind":885,"subsets":1539,"menu":908,"variants":1540,"category":907,"family":884,"version":886,"lastModified":887,"files":1541},[910,911],[913,914,915,916,917,918,128,919,920,921,922,923,924,925,926,927,928,929],{"100":889,"200":890,"300":891,"500":892,"600":893,"700":894,"800":895,"900":896,"900italic":898,"600italic":906,"200italic":903,"300italic":905,"100italic":900,"700italic":899,"800italic":897,"regular":902,"italic":901,"500italic":904},"faSatelliteDish","Browser based incident response",[1545,1632],{"@type":106,"@version":107,"tagName":935,"id":1546,"meta":1547,"children":1548},"builder-653c4aed737b4def88dc4cd2d695660a",{"previousId":1307},[1549,1566,1573,1580,1589,1599,1609,1619,1626],{"@type":106,"@version":107,"id":1550,"meta":1551,"component":1552,"responsiveStyles":1564},"builder-18190bd36518467d9154d27d7e945b9b",{"previousId":1311},{"name":939,"options":1553,"isRSC":118},{"title":1554,"description":1555,"points":1556,"video":1563},"Browser-based incident response","\u003Cp>Push gives you real-time visibility into what actually happened during a breach, right in the browser where the attack played out. From credential theft to session hijacking, Push captures high-fidelity telemetry so you can investigate quickly, contain confidently, and shut it down before it spreads.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",[1557,1559,1561],{"item":1558},"Reconstruct what happened with real browser session context",{"item":1560},"Investigate faster with real-world session context",{"item":1562},"Trigger response actions automatically through your SIEM or SOAR","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fd00e39d3b6e346c296261d875cf55652%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=d00e39d3b6e346c296261d875cf55652&alt=media&optimized=true",{"large":1565},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":954},{"@type":106,"@version":107,"id":1567,"meta":1568,"component":1569,"responsiveStyles":1571},"builder-8a0a8ea63f5d48dd8a6726f2d49cf0ca",{"previousId":1327},{"name":958,"options":1570,"isRSC":118},{"AllPartners":41,"backgroundTransparent":6},{"large":1572},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":962},{"@type":106,"@version":107,"id":1574,"meta":1575,"component":1576,"responsiveStyles":1578},"builder-2df65c3f54334df2b26e7cb744886cdc",{"previousId":1334},{"name":966,"options":1577,"isRSC":118},{"darkMode":41},{"large":1579},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1581,"component":1582,"responsiveStyles":1587},"builder-2c32c869efc2423ab69ef06b150e9f97",{"name":971,"tag":971,"options":1583,"isRSC":118},{"darkMode":6,"maxWidth":975,"maxTextWidth":976,"title":1584,"description":1585,"image":1586,"reverse":6},"\u003Ch2>See attacks unfold, not just their aftermath\u003C/h2>","\u003Cp>Attacks happen in the browser, not in logs. Push captures what traditional tools miss: what users clicked, what loaded, what was entered, and how attackers moved. That gives you real-world evidence, not just assumptions, when every second matters.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F36fc719bd1de4a38b916f4d25c81a26d",{"large":1588},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1590,"meta":1591,"component":1592,"responsiveStyles":1597},"builder-370e53c6016e432db01e9193a2ce90f6",{"previousId":1350},{"name":985,"options":1593,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":988,"title":1594,"description":1595,"reverse":41,"image":1596},"\u003Ch2>Investigate faster with high-fidelity data\u003C/h2>","\u003Cp>Reconstructing an incident shouldn’t feel like guesswork. Push records detailed telemetry from inside the browser: page loads, credential inputs, DOM changes, session activity, user behavior. It’s structured, exportable, and ready to plug into your investigation workflows, so you can move fast without digging through proxy logs or relying on user reports.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fa6adda040e684e67a8d68a55c5ce5f6d",{"large":1598},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":994,"paddingTop":996,"marginTop":996},{"@type":106,"@version":107,"id":1600,"meta":1601,"component":1602,"responsiveStyles":1607},"builder-a7f3767a8d184bd08fb24520bf210e95",{"previousId":1360},{"name":985,"options":1603,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1001,"title":1604,"description":1605,"reverse":6,"image":1606},"\u003Ch2>Contain and respond in real time\u003C/h2>","\u003Cp>When something looks off, Push doesn’t just alert you, it gives you options. Guide users with in-browser prompts. Terminate sessions. Trigger SOAR workflows. Enrich SIEM alerts. Push gives you the context and control to stop spread before it starts.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb3dedeed5aba4847a2c2d22e10d0ec12",{"large":1608},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1007},{"@type":106,"@version":107,"layerName":985,"id":1610,"meta":1611,"component":1612,"responsiveStyles":1617},"builder-b92036ee0ece4b32acdbdcc7c377366b",{"previousId":1370},{"name":985,"options":1613,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1012,"title":1614,"description":1615,"reverse":41,"image":1616},"\u003Ch2>Prevent the next one\u003C/h2>","\u003Cp>Push helps you respond fast, but it also helps you fix what went wrong. It surfaces misconfigurations and risky behaviors that made the attack possible in the first place, then guides users in-browser to remediate. One tool. Full loop. No loose ends.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fc1ecc2d5d3814b62b072fac01827ff96",{"large":1618},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1018},{"@type":106,"@version":107,"id":1620,"meta":1621,"component":1622,"responsiveStyles":1624},"builder-5e8ae39655274de89da32ab573a2525a",{"previousId":1380},{"name":966,"options":1623,"isRSC":118},{"darkMode":6},{"large":1625},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1627,"component":1628,"responsiveStyles":1630},"builder-dfd6850cfb4741d2b8a0c16c2780f00a",{"name":1028,"tag":1028,"options":1629,"isRSC":118},{"sectionHeading":37,"customClass":1030},{"large":1631},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":1633,"@type":106,"tagName":131,"properties":1634,"responsiveStyles":1635},"builder-pixel-t20dmmgkd7",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":1636},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":1638},{"path":37,"query":1639},{},{},1770892908052,1745427419274,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb07017bfd318431690a5bb35bda35b99",[],{"kind":225,"breakpoints":1646,"originalContentId":1292,"winningTest":118,"lastPreviewUrl":1647,"hasLinks":6,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},"https://pushsecurity.com/uc/incident-response?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=a9d5556e77f84a37b5bd52310a7110c1&builder.overrides.a9d5556e77f84a37b5bd52310a7110c1=a9d5556e77f84a37b5bd52310a7110c1&builder.overrides.use-case-page:/uc/incident-response=a9d5556e77f84a37b5bd52310a7110c1&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"createdDate":1649,"id":1650,"name":1651,"modelId":876,"published":13,"query":1652,"data":1655,"variations":1760,"lastUpdated":1761,"firstPublished":1762,"testRatio":33,"screenshot":1763,"createdBy":34,"lastUpdatedBy":1285,"folders":1764,"meta":1765,"rev":1051},1746122471259,"5f118e24433d46ceb79f5099987156d7","Shadow SaaS",[1653],{"@type":162,"property":163,"operator":164,"value":1654},"/uc/shadow-saas",{"seoTitle":1656,"seoDescription":1657,"customFonts":1658,"fontAwesomeIcon":1663,"title":1664,"jsCode":37,"tsCode":37,"blocks":1665,"url":1654,"state":1757},"Find and secure shadow SaaS","See and control shadow SaaS in the browser.",[1659],{"kind":885,"variants":1660,"files":1661,"family":884,"version":886,"subsets":1662,"lastModified":887,"category":907,"menu":908},[913,914,915,916,917,918,128,919,920,921,922,923,924,925,926,927,928,929],{"100":889,"200":890,"300":891,"500":892,"600":893,"700":894,"800":895,"900":896,"300italic":905,"500italic":904,"regular":902,"900italic":898,"italic":901,"100italic":900,"200italic":903,"600italic":906,"700italic":899,"800italic":897},[910,911],"faShieldCheck","Secure shadow SaaS",[1666,1752],{"@type":106,"@version":107,"tagName":935,"id":1667,"meta":1668,"children":1669},"builder-04da805c4cd34652a2db452fcda52e1d",{"previousId":1546},[1670,1686,1693,1700,1709,1719,1729,1739,1746],{"@type":106,"@version":107,"id":1671,"meta":1672,"component":1673,"responsiveStyles":1684},"builder-830d414faeaf41439142f9157e8288c8",{"previousId":1550},{"name":939,"options":1674,"isRSC":118},{"title":1656,"description":1675,"points":1676,"video":1683},"\u003Cp>SaaS sprawl is one of today’s fastest-growing security blind spots because most tools monitor around the edges. Push sees it at the source, in the browser, revealing every app users access, flagging risky tools, and helping you shut down exposure before it leads to a breach. No guesswork. No nasty surprises. Just real-time visibility and control.\u003C/p>",[1677,1679,1681],{"item":1678},"Discover every SaaS app users access, managed or not",{"item":1680},"Spot accounts with weak security postures like missing MFA, unmanaged access, and no SSO",{"item":1682},"Control usage with in-browser prompts, blocks, and security guardrails","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F3e4eece318d04d6586e691d59d0741cf%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=3e4eece318d04d6586e691d59d0741cf&alt=media&optimized=true",{"large":1685},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":954},{"@type":106,"@version":107,"id":1687,"meta":1688,"component":1689,"responsiveStyles":1691},"builder-cd7833f966cb4c7e8adf0d6c979414a6",{"previousId":1567},{"name":958,"options":1690,"isRSC":118},{"AllPartners":41,"backgroundTransparent":6},{"large":1692},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":962},{"@type":106,"@version":107,"id":1694,"meta":1695,"component":1696,"responsiveStyles":1698},"builder-49d720b45430454e8b08c526f267c19f",{"previousId":1574},{"name":966,"options":1697,"isRSC":118},{"darkMode":41},{"large":1699},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1701,"component":1702,"responsiveStyles":1707},"builder-3dde0bf6c8544e5e9ab41b18a9d68034",{"name":971,"tag":971,"options":1703,"isRSC":118},{"darkMode":6,"maxWidth":975,"maxTextWidth":976,"title":1704,"description":1705,"image":1706,"reverse":6},"\u003Ch2>Use your browser to curb Saas Sprawl\u003C/h2>","\u003Cp>Shadow SaaS isn’t hiding in your network, it’s in your browser. From AI tools to unsanctioned file-sharing sites, security risks live in the apps your users sign into every day. Push maps your organization's true SaaS footprint in real time, exposing apps and accounts with unmanaged access, poor authentication, or no security oversight.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb6811a214c7949b6bbe0b9a3bca62efd",{"large":1708},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1710,"meta":1711,"component":1712,"responsiveStyles":1717},"builder-e2420451ccdc4f088d0a4904cff45935",{"previousId":1590},{"name":985,"options":1713,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":988,"title":1714,"description":1715,"reverse":41,"image":1716},"\u003Ch2>Discover hidden SaaS usage\u003C/h2>","\u003Cp>Push captures live browser telemetry across every tab and session. Whether a user signs into a sanctioned app with a personal account or tries a new AI plugin, you’ll see it in real time, with no integrations or manual tagging.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe16e301f9af94665b95d98232a863d8a",{"large":1718},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":994,"paddingTop":996,"marginTop":996},{"@type":106,"@version":107,"id":1720,"meta":1721,"component":1722,"responsiveStyles":1727},"builder-b36de7fce7994beea9e58d94662e7166",{"previousId":1600},{"name":985,"options":1723,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1001,"title":1724,"description":1725,"reverse":6,"image":1726},"\u003Ch2>Spot risky access and unsafe usage\u003C/h2>","\u003Cp>Discovery is just the beginning. Push flags apps with risky traits, no MFA, no SSO, known vulnerabilities, or broad access scopes. You’ll know which tools introduce real risk, and which users are exposed so you can act with precision.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F6585f3c242da4d70ae3cb7d02f481bef",{"large":1728},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1007},{"@type":106,"@version":107,"layerName":985,"id":1730,"meta":1731,"component":1732,"responsiveStyles":1737},"builder-dc366b5134684fe7a508edf8913103ea",{"previousId":1610},{"name":985,"options":1733,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1012,"title":1734,"description":1735,"reverse":41,"image":1736},"\u003Ch2>Close gaps before they grow\u003C/h2>","\u003Cp>Push turns insight into action. When risky SaaS use is detected, guide users to enable MFA, block high-risk apps, or apply in-browser guardrails automatically. All without deploying new infrastructure or managing dozens of integrations.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe6d60b6d91414819bc6258a318f00557",{"large":1738},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1018},{"@type":106,"@version":107,"id":1740,"meta":1741,"component":1742,"responsiveStyles":1744},"builder-8708f6f0d8da4b3f9e17bf16cda70219",{"previousId":1620},{"name":966,"options":1743,"isRSC":118},{"darkMode":6},{"large":1745},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1747,"component":1748,"responsiveStyles":1750},"builder-8ff4b38d60534cf28cb523ab0f754875",{"name":1028,"tag":1028,"options":1749,"isRSC":118},{"sectionHeading":37,"customClass":1030},{"large":1751},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":1753,"@type":106,"tagName":131,"properties":1754,"responsiveStyles":1755},"builder-pixel-225hg4jfk9t",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":1756},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":1758},{"path":37,"query":1759},{},{},1770892936802,1746714967208,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F01bfb2304521412fbd2e1a1180904d40",[],{"originalContentId":1530,"winningTest":118,"lastPreviewUrl":1766,"breakpoints":1767,"kind":225,"hasLinks":6,"hasAutosaves":6},"https://pushsecurity.com/uc/shadow-saas?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=5f118e24433d46ceb79f5099987156d7&builder.overrides.5f118e24433d46ceb79f5099987156d7=5f118e24433d46ceb79f5099987156d7&builder.overrides.use-case-page:/uc/shadow-saas=5f118e24433d46ceb79f5099987156d7&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},{"createdDate":1769,"id":1770,"name":1771,"modelId":876,"published":13,"query":1772,"data":1775,"variations":1879,"lastUpdated":1880,"firstPublished":1881,"testRatio":33,"screenshot":1882,"createdBy":34,"lastUpdatedBy":1285,"folders":1883,"meta":1884,"rev":1051},1764707470172,"b62629ce2f3741158d961cd10fe74b31","Shadow AI",[1773],{"@type":162,"property":163,"operator":164,"value":1774},"/uc/shadow-ai",{"fontAwesomeIcon":1776,"seoTitle":1777,"jsCode":37,"customFonts":1778,"title":1783,"tsCode":37,"seoDescription":1784,"blocks":1785,"url":1774,"state":1876},"faBrainCircuit","Secure AI native and AI enhanced apps. ",[1779],{"variants":1780,"category":907,"files":1781,"subsets":1782,"family":884,"kind":885,"menu":908,"lastModified":887,"version":886},[913,914,915,916,917,918,128,919,920,921,922,923,924,925,926,927,928,929],{"100":889,"200":890,"300":891,"500":892,"600":893,"700":894,"800":895,"900":896,"800italic":897,"regular":902,"700italic":899,"200italic":903,"italic":901,"500italic":904,"600italic":906,"300italic":905,"100italic":900,"900italic":898},[910,911],"Secure shadow AI","See and control shadow AI apps in the browser.",[1786,1871],{"@type":106,"@version":107,"tagName":935,"id":1787,"meta":1788,"children":1789},"builder-a6e5717a2c914d5695058e4ee201a05d",{"previousId":1667},[1790,1806,1813,1820,1830,1839,1848,1858,1865],{"@type":106,"@version":107,"id":1791,"meta":1792,"component":1793,"responsiveStyles":1804},"builder-3e0ed678683f4a0eb7aa00253cf263b2",{"previousId":1671},{"name":939,"options":1794,"isRSC":118},{"title":1783,"description":1795,"points":1796,"image":1803},"\u003Cp>Your employees are adopting AI faster than you can track it. From native features in corporate apps to unapproved shadow tools, it’s all happening in the browser. Push detects every AI interaction in real time, letting you categorize apps and enforce acceptable use policies in the browser.\u003C/p>",[1797,1799,1801],{"item":1798},"Map every AI tool used across your workforce",{"item":1800},"Review and classify apps by sensitivity, purpose, and policy status",{"item":1802},"Enforce AI usage rules directly in the browser","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F33cf153d920f4e389f3650253577cff7",{"large":1805},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":954},{"@type":106,"@version":107,"id":1807,"meta":1808,"component":1809,"responsiveStyles":1811},"builder-76968f8471d14893b8189d75b08fb426",{"previousId":1687},{"name":958,"options":1810,"isRSC":118},{"AllPartners":41,"backgroundTransparent":6},{"large":1812},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":962},{"@type":106,"@version":107,"id":1814,"meta":1815,"component":1816,"responsiveStyles":1818},"builder-b55b9d4bc5a649d8839ce7f6c2043d95",{"previousId":1694},{"name":966,"options":1817,"isRSC":118},{"darkMode":41},{"large":1819},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1821,"meta":1822,"component":1823,"responsiveStyles":1828},"builder-c3f38ef4d75d4989a29b5903175ed8a1",{"previousId":1701},{"name":971,"tag":971,"options":1824,"isRSC":118},{"darkMode":6,"maxWidth":975,"maxTextWidth":976,"title":1825,"description":1826,"image":1827,"reverse":6},"\u003Ch2>Use your browser to govern AI \u003C/h2>","\u003Cp>The AI footprint inside your company is bigger than you think. From text generators to meeting assistants and design copilots, employees test, adopt, and connect new tools constantly. Push shows you those tools and which users are accessing them, without relying on network scans or API integrations.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F30b43bda6f1644c19478fb1efa20050c",{"large":1829},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1831,"meta":1832,"component":1833,"responsiveStyles":1837},"builder-90ee9cb9afc44e7f885523715bf51a53",{"previousId":1710},{"name":985,"options":1834,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":988,"title":1835,"description":1836,"reverse":41,"image":1726},"\u003Ch2>Discover every AI tool users touch\u003C/h2>","\u003Cp>Push captures live telemetry from the browser, identifying every AI-native and AI-enhanced application users access. You’ll know which corporate identities are connected, how data flows, and what new AI apps appear across your environment. \u003C/p>",{"large":1838},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":994,"paddingTop":996,"marginTop":996},{"@type":106,"@version":107,"id":1840,"meta":1841,"component":1842,"responsiveStyles":1846},"builder-9e44539fa53c4d8e87406036c921fc46",{"previousId":1720},{"name":985,"options":1843,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1001,"title":1844,"description":1845,"reverse":6,"image":1736},"\u003Ch2>Classify and manage AI risk\u003C/h2>","\u003Cp>For apps you choose to allow, Push lets you apply custom in-browser banners. You can bulk-select categories of AI tools and require users to read and acknowledge your acceptable use policy before they proceed. This creates an auditable trail and moves policy from an easy to forget document to an active, in-workflow control.\u003C/p>",{"large":1847},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1007},{"@type":106,"@version":107,"layerName":985,"id":1849,"meta":1850,"component":1851,"responsiveStyles":1856},"builder-44c1a891926f4bdeaaa37e90721fe6ac",{"previousId":1730},{"name":985,"options":1852,"isRSC":118},{"darkMode":6,"maxWidth":975,"imageMaxWidth":987,"textPaddingTop":1012,"title":1853,"description":1854,"reverse":41,"image":1855},"\u003Ch2>Enforce your AI policy in the browser\u003C/h2>","\u003Cp>When an AI tool is deemed non-compliant or too risky, Push blocks it at the source. The block happens directly in the browser, preventing the user from accessing the site or submitting data. This gives you an immediate, powerful lever to stop data exfiltration and enforce a hard line on unacceptable risk.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fa359ac1805af4e15a8a7f84632b9bb55",{"large":1857},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":1018},{"@type":106,"@version":107,"id":1859,"meta":1860,"component":1861,"responsiveStyles":1863},"builder-dcc906f9cbe54dc68b3c672668e7a38f",{"previousId":1740},{"name":966,"options":1862,"isRSC":118},{"darkMode":6},{"large":1864},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1866,"component":1867,"responsiveStyles":1869},"builder-d2d64780c31b4349bc75805b23a07e38",{"name":1028,"tag":1028,"options":1868,"isRSC":118},{"sectionHeading":37,"customClass":1030},{"large":1870},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":1872,"@type":106,"tagName":131,"properties":1873,"responsiveStyles":1874},"builder-pixel-gvb5hb3oa9q",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":1875},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":1877},{"path":37,"query":1878},{},{},1770892957225,1764950077593,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe558b8b069884037a8e6904f7ecc029c",[],{"winningTest":118,"breakpoints":1885,"originalContentId":1650,"kind":225,"lastPreviewUrl":1886,"hasLinks":6,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},"https://pushsecurity.com/uc/shadow-ai?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=b62629ce2f3741158d961cd10fe74b31&builder.overrides.b62629ce2f3741158d961cd10fe74b31=b62629ce2f3741158d961cd10fe74b31&builder.overrides.use-case-page:/uc/shadow-ai=b62629ce2f3741158d961cd10fe74b31&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",[1888,1906,1922,1938,1953,1969,1985,2001,2017,2032,2047,2062,2077,2092,2108,2124,2139,2155,2171,2186,2202,2217,2232,2247,2260,2276,2291,2305,2321,2337,2352,2368,2384,2399,2414,2430,2446,2462,2476,2490,2506,2521,2536,2551,2565,2579,2595,2610,2624,2638,2653,2668,2683,2698,2712,2726,2741,2756,2772,2787,2802,2818,2832,2846,2861,2876,2891,2906,2921,2937,2951,2966,2981,2996,3011,3026,3040,3055,3069,3084,3100,3116,3132,3148,3164,3180,3195,3211,3226,3240,3255,3270,3286,3301,3316,3332,3347,3361,3376,3390],{"createdDate":1889,"id":1890,"name":1891,"modelId":1892,"published":13,"stageModifiedSincePublish":6,"query":1893,"data":1894,"variations":1899,"lastUpdated":1900,"firstPublished":1901,"testRatio":33,"createdBy":72,"lastUpdatedBy":72,"folders":1902,"meta":1903,"rev":1905},1775659739316,"fea39700a5504424835fd0b917aea9d4","Guidepoint security contributed article April 2026","ca2059e5bce743f09d4bf2482c4305fb",[],{"url":1895,"title":1896,"date":1897,"image":1898},"https://www.guidepointsecurity.com/blog/how-the-browser-became-the-battleground/","How the Browser became the Battleground","Wed Apr 08 2026 13:00:00 GMT+0100 (British Summer Time)","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F924a2a6c847445c087df21caf48cddd7",{},1775659893019,1775659893007,[],{"breakpoints":1904,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},"zgmzpq2wi2m",{"createdDate":1907,"id":1908,"name":1909,"modelId":1892,"published":13,"query":1910,"data":1911,"variations":1916,"lastUpdated":1917,"firstPublished":1918,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":1919,"meta":1920,"rev":1905},1775580238148,"6aa111e4d7ad4c4cb46cc7b031abaa3a","Business of Cybersec podcast Adam interview 3.18.26",[],{"title":1912,"date":1913,"url":1914,"image":1915},"AI, social engineering, and the new browser attack surface","Wed Mar 18 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://techtalksnetwork.com/podcast/the-business-of-cybersecurity/episode/ai-social-engineering-and-the-new-browser-attack-surface","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fbad9fab6263a4588abf95c5b7da33e3f",{},1775580306630,1775580306619,[],{"breakpoints":1921,"kind":36,"lastPreviewUrl":37,"hasAutosaves":41},{"xsmall":57,"small":39,"medium":40},{"createdDate":1923,"id":1924,"name":1925,"modelId":1892,"published":13,"query":1926,"data":1927,"variations":1932,"lastUpdated":1933,"firstPublished":1934,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":1935,"meta":1936,"rev":1905},1775580001183,"ebd19ed36c8546b9ad41a5f493b6b838","SC Mag DC phish covg 4.6.26",[],{"title":1928,"date":1929,"url":1930,"image":1931},"Upswell of device code phishing intrusions reported","Mon Apr 06 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.scworld.com/brief/upswell-of-device-code-phishing-intrusions-reported","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F3961bae259a14deda7c17ee5c36dda80",{},1775580047341,1775580047331,[],{"breakpoints":1937,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":1939,"id":1940,"name":1941,"modelId":1892,"published":13,"query":1942,"data":1943,"variations":1947,"lastUpdated":1948,"firstPublished":1949,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":1950,"meta":1951,"rev":1905},1775579878497,"244a8542780b42e4ae14f313a6fa071f","THN DC phish covg 4.6.26",[],{"title":1944,"date":1929,"url":1945,"image":1946},"Device code phishing attacks surge","https://thehackernews.com/2026/04/weekly-recap-axios-hack-chrome-0-day.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fcfa4b6f78f88473d95998eeeaa9c0d6e",{},1775579951350,1775579951336,[],{"breakpoints":1952,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":1954,"id":1955,"name":1956,"modelId":1892,"published":13,"query":1957,"data":1958,"variations":1963,"lastUpdated":1964,"firstPublished":1965,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":1966,"meta":1967,"rev":1905},1775579447512,"88ed40a0e8b641769c063a38387d5a2b","Yahoo Tech Adam RSA interview 3.31.26",[],{"date":1959,"title":1960,"url":1961,"image":1962},"Tue Mar 31 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","Browser Safety: Push Security co-founder & CEO Adam Bateman, live at RSAC 2026","https://tech.yahoo.com/cybersecurity/articles/browser-safety-push-security-co-214934406.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F25af3b782e6840e8b6088048b3eeac99",{},1775579615034,1775579615022,[],{"breakpoints":1968,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":1970,"id":1971,"name":1972,"modelId":1892,"published":13,"query":1973,"data":1974,"variations":1979,"lastUpdated":1980,"firstPublished":1981,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":1982,"meta":1983,"rev":1905},1775579307973,"cf1b63fc301844a285b5a29fed002ff4","HelpNet InstallFix covg 4.3.26",[],{"url":1975,"title":1976,"date":1977,"image":1978},"https://www.helpnetsecurity.com/2026/04/03/claude-code-leak-github-malware/","Claude Code source leak exploited to spread malware","Fri Apr 03 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ff2a1562ab33b405da5c5fb30ed0b99ab",{},1775579397143,1775579397129,[],{"breakpoints":1984,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":1986,"id":1987,"name":1988,"modelId":1892,"published":13,"query":1989,"data":1990,"variations":1995,"lastUpdated":1996,"firstPublished":1997,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":1998,"meta":1999,"rev":1905},1775578991590,"a306ed3522da4d01894877d809a0225f","Bleeping Computer Device Code phish covg 4.4.26",[],{"date":1991,"url":1992,"title":1993,"image":1994},"Sat Apr 04 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.bleepingcomputer.com/news/security/device-code-phishing-attacks-surge-37x-as-new-kits-spread-online/","Device code phishing attacks surge 37x as new kits spread online","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F10b0cc703db24b65a40c389e0c0be2da",{},1775579294329,1775579294325,[],{"breakpoints":2000,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2002,"id":2003,"name":2004,"modelId":1892,"published":13,"query":2005,"data":2006,"variations":2011,"lastUpdated":2012,"firstPublished":2013,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2014,"meta":2015,"rev":1905},1774629528985,"b41eb0bf96174382b15dad4a6adcdf42","InfoSecurity Mag TikTok covg 3.27.26",[],{"title":2007,"date":2008,"url":2009,"image":2010},"New wave of AiTM phishing targets TikTok for business","Fri Mar 27 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.infosecurity-magazine.com/news/phishing-targets-tiktok-for/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fff168f680e5e4852ad3f77611b605c32",{},1774629675368,1774629675354,[],{"breakpoints":2016,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2018,"id":2019,"name":2020,"modelId":1892,"published":13,"query":2021,"data":2022,"variations":2026,"lastUpdated":2027,"firstPublished":2028,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2029,"meta":2030,"rev":1905},1774625734871,"d47e667ea367454988353ac552c95afe","Computing UK TikTok covg 3.27.26",[],{"title":2023,"url":2024,"date":2008,"image":2025},"New campaign targets TikTok for Business accounts","https://www.computing.co.uk/news/2026/security/new-campaign-targets-tiktok-for-business-accounts","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe8b3a4c9b06c41a693a0c38b987e4744",{},1774625782369,1774625782358,[],{"breakpoints":2031,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2033,"id":2034,"name":2035,"modelId":1892,"published":13,"query":2036,"data":2037,"variations":2041,"lastUpdated":2042,"firstPublished":2043,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2044,"meta":2045,"rev":1905},1774625603188,"14ccbc9ab52542a095616b3e87a9f9a3","TechRadar TikTok covg 3.27.26",[],{"title":2038,"date":2008,"url":2039,"image":2040},"TikTok for Business accounts targeted in phishing campaign — here's how to stay safe","https://www.techradar.com/pro/security/tiktok-for-business-accounts-targeted-in-phishing-campaign-heres-how-to-stay-safe","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F909130da6ba14441af017c0f5f2678aa",{},1774625699755,1774625699741,[],{"breakpoints":2046,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2048,"id":2049,"name":2050,"modelId":1892,"published":13,"query":2051,"data":2052,"variations":2056,"lastUpdated":2057,"firstPublished":2058,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2059,"meta":2060,"rev":1905},1774625333190,"585328d31d5a4471a39d1d93e021ad42","Cybernews TikTok covg 3.27.26",[],{"title":2053,"date":2008,"url":2054,"image":2055},"Hackers are hijacking TikTok business accounts to steal credentials in real time","https://cybernews.com/security/tiktok-business-phishing-attack-bypass-2fa/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F27ee6ff74c1641c1bc95ae51a54e0eb2",{},1774625583188,1774625583175,[],{"breakpoints":2061,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2063,"id":2064,"name":2065,"modelId":1892,"published":13,"query":2066,"data":2067,"variations":2071,"lastUpdated":2072,"firstPublished":2073,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2074,"meta":2075,"rev":1905},1774625224658,"be2a2b16bf2941a5a16eaf23ad785eb2","Hacker News TikTok covg 3.27.26",[],{"title":2068,"date":2008,"url":2069,"image":2070},"AitM phishing targets TikTok business accounts using Cloudflare turnstile evasion","https://thehackernews.com/2026/03/aitm-phishing-targets-tiktok-business.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F369a4cc0510e4af289abde629590367c",{},1774625313323,1774625313311,[],{"breakpoints":2076,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2078,"id":2079,"name":2080,"modelId":1892,"published":13,"query":2081,"data":2082,"variations":2086,"lastUpdated":2087,"firstPublished":2088,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2089,"meta":2090,"rev":1905},1774539180417,"ac12e069cffb43a68058b63ef5f8aef3","Bleeping Computer TikTok covg 3.26.26",[],{"title":2083,"date":2084,"url":2085,"image":1994},"TikTok for Business accounts targeted in new phishing campaign","Thu Mar 26 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.bleepingcomputer.com/news/security/tiktok-for-business-accounts-targeted-in-new-phishing-campaign/",{},1774539236707,1774539236692,[],{"breakpoints":2091,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2093,"id":2094,"name":2095,"modelId":1892,"published":13,"query":2096,"data":2097,"variations":2102,"lastUpdated":2103,"firstPublished":2104,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2105,"meta":2106,"rev":1905},1773940048647,"a201d8a73f42410186b3d509b6f0c3be","CSO phishing trends covg 3.19.26",[],{"title":2098,"date":2099,"url":2100,"image":2101},"Your MFA isn’t broken — it’s being bypassed, and your employees can’t tell the difference","Thu Mar 19 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.csoonline.com/article/4147134/your-mfa-isnt-broken-its-being-bypassed-and-your-employees-cant-tell-the-difference.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8f41132730d44daebae0d832445c55ec",{},1773940204199,1773940204183,[],{"breakpoints":2107,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2109,"id":2110,"name":2111,"modelId":1892,"published":13,"query":2112,"data":2113,"variations":2118,"lastUpdated":2119,"firstPublished":2120,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2121,"meta":2122,"rev":1905},1773703638835,"2e23cd577f054aa4940beb0f220359e4","Mandos InstallFix covg 3.15.26",[],{"title":2114,"date":2115,"url":2116,"image":2117},"Brief #146: InstallFix targets Claude code users","Sun Mar 15 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://mandos.io/newsletter/brief-146-installfix-targets-claude-code-users-crackarmor-hits-12-6m-linux-servers-armadin-launches-with-190m/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fbc4a6a05dd434e199c74cc76b301c8a8",{},1773703708956,1773703708952,[],{"breakpoints":2123,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2125,"id":2126,"name":2127,"modelId":1892,"published":13,"query":2128,"data":2129,"variations":2133,"lastUpdated":2134,"firstPublished":2135,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2136,"meta":2137,"rev":1905},1773703499887,"705dae05d93d416c89e2c9ce32d0b496","HelpNet Security InstallFix covg 3.15.26",[],{"title":2130,"date":2115,"url":2131,"image":2132},"Fake Claude Code install pages highlight rise of “InstallFix” attacks","https://www.helpnetsecurity.com/2026/03/15/week-in-review-aitm-phishing-kit-used-to-hijack-aws-accounts-year-long-malware-campaign-targets-hr/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fbbe6b25d7ee44caca487a2e02e89318b",{},1773703559299,1773703559291,[],{"breakpoints":2138,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2140,"id":2141,"name":2142,"modelId":1892,"published":13,"query":2143,"data":2144,"variations":2149,"lastUpdated":2150,"firstPublished":2151,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2152,"meta":2153,"rev":1905},1773687322799,"84cc10edb1b2454e9979d1fe8093591e","Th Hacker News InstallFix covg 3.16.26",[],{"title":2145,"date":2146,"url":2147,"image":2148},"ClickFix campaigns spread MacSync macOS infostealer via fake AI tool installers","Mon Mar 16 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://thehackernews.com/2026/03/clickfix-campaigns-spread-macsync-macos.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7e6adf865e5d48b88b4a9714867d1c98",{},1773687415679,1773687415667,[],{"breakpoints":2154,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2156,"id":2157,"name":2158,"modelId":1892,"published":13,"query":2159,"data":2160,"variations":2165,"lastUpdated":2166,"firstPublished":2167,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2168,"meta":2169,"rev":1905},1773252341339,"73fd1abf5dc041bea52ea94176885129","eSecurityPlanet InstallFix covg 3.10.26",[],{"title":2161,"date":2162,"url":2163,"image":2164},"Fake Claude code install pages spread infostealer malware","Tue Mar 10 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.esecurityplanet.com/artificial-intelligence/fake-claude-code-install-pages-spread-infostealer-malware/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fc0da1bcf072a48c490fbcd4bc844e5f9",{},1773252483044,1773252483040,[],{"breakpoints":2170,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2172,"id":2173,"name":2174,"modelId":1892,"published":13,"query":2175,"data":2176,"variations":2180,"lastUpdated":2181,"firstPublished":2182,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2183,"meta":2184,"rev":1905},1773252263890,"73ef90b1e764453e8d55b71565639581","Simply Cyber podcast InstallFix covg 3.10.26",[],{"title":2177,"date":2162,"url":2178,"image":2179},"\"Install‑Fix” malvertising exploits copy‑paste commands, stealing developer credentials","https://www.youtube.com/watch?v=XuzhDlMPGvk&t=36s","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fd956252f551a4726b3af6460cf61447f",{},1773252334029,1773252334025,[],{"breakpoints":2185,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2187,"id":2188,"name":2189,"modelId":1892,"published":13,"query":2190,"data":2191,"variations":2196,"lastUpdated":2197,"firstPublished":2198,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2199,"meta":2200,"rev":1905},1773154777774,"c44b49fde42d4641b2008857cf3ff5ba","SC Mag InstallFix covg 3.9.26",[],{"title":2192,"url":2193,"date":2194,"image":2195},"Amatera infostealer deployed via phony Claude Code guides","https://www.scworld.com/brief/amatera-infostealer-deployed-via-phony-claude-code-guides","Mon Mar 09 2026 00:00:00 GMT-0700 (Pacific Daylight Time)","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F9a342685f76d470fa3e242ea167a5cd1",{},1773154836220,1773154836208,[],{"breakpoints":2201,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2203,"id":2204,"name":2205,"modelId":1892,"published":13,"query":2206,"data":2207,"variations":2211,"lastUpdated":2212,"firstPublished":2213,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2214,"meta":2215,"rev":1905},1773101667837,"93db02ee89a54c0b98aaf2b74f5c540e","Dark Reading InstallFix cov 3.9.36",[],{"title":2208,"date":2194,"url":2209,"image":2210},"'InstallFix' attacks spread fake Claude code sites","https://www.darkreading.com/cloud-security/installfix-attacks-fake-claude-code","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F076a6464109142d18d23719908be2953",{},1773101731285,1773101731273,[],{"breakpoints":2216,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2218,"id":2219,"name":2220,"modelId":1892,"published":13,"query":2221,"data":2222,"variations":2226,"lastUpdated":2227,"firstPublished":2228,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2229,"meta":2230,"rev":1905},1773101598572,"5b524166f0144825a1f4ee218e9085c0","LifeHacker covg InstallFix covg 3.9.26",[],{"title":2223,"date":2194,"url":2224,"image":2225},"This scam impersonates the official Claude code website to spread malware","https://lifehacker.com/tech/this-scam-cleverly-impersonates-the-official-claude-code-website-to-spread","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0324e6fbaa6a44d8b6ea461051b4200c",{},1773101660771,1773101660757,[],{"breakpoints":2231,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2233,"id":2234,"name":2235,"modelId":1892,"published":13,"query":2236,"data":2237,"variations":2241,"lastUpdated":2242,"firstPublished":2243,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2244,"meta":2245,"rev":1905},1773101514655,"f503c8e19006498fbcdb157c2a42a995","SecurityWeek InstallFix covg 3.9.26",[],{"title":2238,"date":2194,"url":2239,"image":2240},"Cloned AI tool sites distribute malware in ‘InstallFix’ campaign","https://www.securityweek.com/cloned-ai-tool-sites-distribute-malware-in-installfix-campaign/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ffe84cb2b7900455fbc94779ccb8b5fc7",{},1773101579856,1773101579843,[],{"breakpoints":2246,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2248,"id":2249,"name":2250,"modelId":1892,"published":13,"query":2251,"data":2252,"variations":2254,"lastUpdated":2255,"firstPublished":2256,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2257,"meta":2258,"rev":1905},1773101354594,"fad012fa1a14444ea0236f2dca43237a","HelpNet Security InstallFix covg",[],{"url":2253,"date":2194,"title":2130,"image":2132},"https://www.helpnetsecurity.com/2026/03/09/fake-claude-code-install-pages-installfix-attacks/",{},1773101508558,1773101508544,[],{"breakpoints":2259,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2261,"id":2262,"name":2263,"modelId":1892,"published":13,"query":2264,"data":2265,"variations":2270,"lastUpdated":2271,"firstPublished":2272,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2273,"meta":2274,"rev":1905},1772827048134,"a239d13c86c949e7b3f7471e09439103","PC Mag InstallFix coverage 3.6.26",[],{"url":2266,"title":2267,"date":2268,"image":2269},"https://www.pcmag.com/news/phony-claude-code-install-guides-trick-vibe-coders-into-installing-malware","Phony Claude Code install guides trick vibe coders into installing malware","Fri Mar 06 2026 00:00:00 GMT-0800 (Pacific Standard Time)","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fdefe9e4e2e564b3199ba7ed63782776b",{},1772827293549,1772827293537,[],{"breakpoints":2275,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2277,"id":2278,"name":2279,"modelId":1892,"published":13,"query":2280,"data":2281,"variations":2285,"lastUpdated":2286,"firstPublished":2287,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2288,"meta":2289,"rev":1905},1772812850285,"32a36f7ffc97486b9b85c1e6e6a19adb","HelpNet Security Mal Browser Ext Blocking covg 3.6.26",[],{"title":2282,"url":2283,"date":2268,"image":2284},"Push Security adds malicious browser extension detection to block threats in employee browsers","https://www.helpnetsecurity.com/2026/03/06/new-infosec-products-of-the-week-march-6-2026/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F5604e321cccc4fe889b1c77ee36260cc",{},1772812938749,1772812938734,[],{"breakpoints":2290,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2292,"id":2293,"name":2294,"modelId":1892,"published":13,"query":2295,"data":2296,"variations":2299,"lastUpdated":2300,"firstPublished":2301,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2302,"meta":2303,"rev":1905},1772812645857,"b3ad4716c02d458fb37e4ae87fb69a91","Bleeping Computer - InstallFix covg 3.6.26",[],{"url":2297,"date":2268,"title":2298,"image":1994},"https://www.bleepingcomputer.com/news/security/fake-claude-code-install-guides-push-infostealers-in-installfix-attacks/","Fake Claude Code install guides push infostealers in InstallFix attacks",{},1772812735192,1772812735177,[],{"breakpoints":2304,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2306,"id":2307,"name":2308,"modelId":1892,"published":13,"query":2309,"data":2310,"variations":2315,"lastUpdated":2316,"firstPublished":2317,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2318,"meta":2319,"rev":1905},1770134011691,"1f0ce90d436a490b81bc8b375a36973c","Bleeping Computer 1.14.26",[],{"url":2311,"image":2312,"date":2313,"title":2314},"https://www.bleepingcomputer.com/news/security/consentfix-debrief-insights-from-the-new-oauth-phishing-attack/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Faa241f108dc14ac2aeaf1d43f93cffba","Wed Jan 14 2026 00:00:00 GMT-0800 (Pacific Standard Time)","ConsentFix debrief: Insights from the new OAuth phishing attack",{},1770223902608,1770134079643,[],{"kind":36,"lastPreviewUrl":37,"breakpoints":2320,"hasErrors":6,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2322,"id":2323,"name":2324,"modelId":1892,"published":13,"query":2325,"data":2326,"variations":2331,"lastUpdated":2332,"firstPublished":2333,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2334,"meta":2335,"rev":1905},1770133693426,"f50b06a576ba49d4a3e12f699dc4a0b9","Intl Business Times 1.29.26",[],{"title":2327,"date":2328,"url":2329,"image":2330},"Sneaky 2FA attack reveals fake Windows stealing passwords from users","Thu Jan 29 2026 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.ibtimes.co.uk/sneaky-2fa-attack-reveals-fake-windows-stealing-passwords-users-1774788","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb1eecfba9de1421596583d792dfc8e27",{},1770133955516,1770133955511,[],{"breakpoints":2336,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2338,"id":2339,"name":2340,"modelId":1892,"published":13,"query":2341,"data":2342,"variations":2346,"lastUpdated":2347,"firstPublished":2348,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2349,"meta":2350,"rev":1905},1770133609556,"8643eed442104b0fa0d581e3f4a2d471","HelpNet Security 1.13.26",[],{"title":2343,"date":2344,"url":2345,"image":2132},"Browser-in-the-Browser phishing is on the rise: Here’s how to spot it","Tue Jan 13 2026 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.helpnetsecurity.com/2026/01/13/browser-in-the-browser-bitb-phishing/",{},1770133683668,1770133683662,[],{"breakpoints":2351,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2353,"id":2354,"name":2355,"modelId":1892,"published":13,"query":2356,"data":2357,"variations":2362,"lastUpdated":2363,"firstPublished":2364,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2365,"meta":2366,"rev":1905},1767036095564,"695279b6813a414f804c8dcfc223f1b5","Yahoo Finance 12.28.25",[],{"title":2358,"date":2359,"url":2360,"image":2361},"Cyber scams on the rise: How to avoid getting phished by hackers","Sun Dec 28 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://finance.yahoo.com/video/cyber-scams-rise-avoid-getting-150059260.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fdfb33b9cab8244d89da3d2b12c6aaf37",{},1767036157428,1767036157415,[],{"breakpoints":2367,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2369,"id":2370,"name":2371,"modelId":1892,"published":13,"query":2372,"data":2373,"variations":2378,"lastUpdated":2379,"firstPublished":2380,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2381,"meta":2382,"rev":1905},1767035804669,"b019aa8067f74c1881b6e58196a057b0","Yahoo Finance Live 12.2425",[],{"title":2374,"date":2375,"url":2376,"image":2377},"Phishing scams becoming prevalent on LinkedIn: How to spot them","Wed Dec 24 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://finance.yahoo.com/video/phishing-scams-becoming-prevalent-linkedin-150028882.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F12a9694c214243d888f16ef15dabc4d2",{},1767035986901,1767035986888,[],{"breakpoints":2383,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2385,"id":2386,"name":2387,"modelId":1892,"published":13,"query":2388,"data":2389,"variations":2393,"lastUpdated":2394,"firstPublished":2395,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2396,"meta":2397,"rev":1905},1766169985769,"729b8c2debe8456aa6ab6b5ba10ca925","HelpNet Security ClickFix news 12.19.25",[],{"title":2390,"image":2284,"url":2391,"date":2392},"Push Security detects and blocks malicious copy-and-paste activity","https://www.helpnetsecurity.com/2025/12/18/push-security-malicious-copy-and-paste-detection/","Thu Dec 18 2025 00:00:00 GMT-0800 (Pacific Standard Time)",{},1766170357526,1766170238006,[],{"lastPreviewUrl":37,"breakpoints":2398,"kind":36,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2400,"id":2401,"name":2402,"modelId":1892,"published":13,"query":2403,"data":2404,"variations":2408,"lastUpdated":2409,"firstPublished":2410,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2411,"meta":2412,"rev":1905},1765978497561,"d463bec64b9643c692b4eb189dfef015","Risky Biz ConsentFix covg 12.17.25",[],{"title":2405,"date":286,"url":2406,"image":2407},"The unholy combination of OAuth consent phishing, social engineering and Azure CLI","https://risky.biz/RB819/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fd9913ae44cc04e408a1402945a938cf7",{},1765978608128,1765978608114,[],{"breakpoints":2413,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2415,"id":2416,"name":2417,"modelId":1892,"published":13,"query":2418,"data":2419,"variations":2424,"lastUpdated":2425,"firstPublished":2426,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2427,"meta":2428,"rev":1905},1765927305960,"da7779ec2c7e41bea3588088599db6bd","eSecurity Planet ConsentFix covg 12.16.25",[],{"image":2420,"title":2421,"url":2422,"date":2423},"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fea0c2f44d1dd49a2803fd6ae9f28dddf","Azure CLI trust abused in ConsentFix account takeovers","https://www.esecurityplanet.com/threats/azure-cli-trust-abused-in-consentfix-account-takeovers/","Tue Dec 16 2025 00:00:00 GMT-0800 (Pacific Standard Time)",{},1765978490900,1765978490894,[],{"breakpoints":2429,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2431,"id":2432,"name":2433,"modelId":1892,"published":13,"query":2434,"data":2435,"variations":2440,"lastUpdated":2441,"firstPublished":2442,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2443,"meta":2444,"rev":1905},1765911192421,"9bc109c6597c4c74808b5c18815f32b7","YouTube - John Hammond - ConsentFix covg 12.1",[],{"url":2436,"date":2437,"title":2438,"image":2439},"https://www.youtube.com/watch?v=AAiiIY-Soak","Sat Dec 13 2025 00:00:00 GMT-0800 (Pacific Standard Time)"," Hacking endpoint to identity (Microsoft 365): \"ConsentFix\"","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fdc03867552734a1a88ea820997e8e824",{},1765911308541,1765911308525,[],{"breakpoints":2445,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2447,"id":2448,"name":2449,"modelId":1892,"published":13,"query":2450,"data":2451,"variations":2456,"lastUpdated":2457,"firstPublished":2458,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2459,"meta":2460,"rev":1905},1765896303734,"cd56166cb8584e9b9436a3649c616883","Forbes ConsentFix covg 12.15.25",[],{"title":2452,"date":2453,"url":2454,"image":2455},"Shut down and restart—New Microsoft attack beats passwords, 2FA and passkeys","Mon Dec 15 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.forbes.com/sites/zakdoffman/2025/12/15/if-you-get-this-message-your-microsoft-account-is-under-attack/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F3730733e33464d8e9d0556e82edd107d",{},1765896374204,1765896374190,[],{"breakpoints":2461,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2463,"id":2464,"name":2465,"modelId":1892,"published":13,"query":2466,"data":2467,"variations":2470,"lastUpdated":2471,"firstPublished":2472,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2473,"meta":2474,"rev":1905},1765813760914,"b17bf20966554159bde52b04ab4c6486","Bleeping Computer 2025 Phishing 12.15.25",[],{"title":2468,"image":1994,"date":2453,"url":2469},"2025’s Top phishing trends and what they mean for your security strategy","https://www.bleepingcomputer.com/news/security/2025s-top-phishing-trends-and-what-they-mean-for-your-security-strategy/",{},1765896388675,1765813851964,[],{"breakpoints":2475,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2477,"id":2478,"name":2479,"modelId":1892,"published":13,"query":2480,"data":2481,"variations":2484,"lastUpdated":2485,"firstPublished":2486,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2487,"meta":2488,"rev":1905},1765813622416,"2262a496aa5548138f2c48490a327b62","THN ConsentFix covg 12.15.25",[],{"title":2482,"date":2453,"url":2483,"image":2070},"ConsentFix, a new twist on ClickFix","https://thehackernews.com/2025/12/weekly-recap-apple-0-days-winrar.html",{},1765813754902,1765813747219,[],{"breakpoints":2489,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2491,"id":2492,"name":2493,"modelId":1892,"published":13,"query":2494,"data":2495,"variations":2500,"lastUpdated":2501,"firstPublished":2502,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2503,"meta":2504,"rev":1905},1765588990292,"2a99264102a347c698748c7f72fba883","Cybersecurity News ConsentFix covg 12.12.25",[],{"title":2496,"date":2497,"url":2498,"image":2499},"New ConsentFix attack let attackers hijack Microsoft accounts by leveraging Azure CLI","Fri Dec 12 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://cybersecuritynews.com/consentfix-attack-hijack-microsoft-accounts/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F71a9b05bbd654bc7982bdc364f8a5589",{},1765589049186,1765589049178,[],{"breakpoints":2505,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2507,"id":2508,"name":2509,"modelId":1892,"published":13,"query":2510,"data":2511,"variations":2515,"lastUpdated":2516,"firstPublished":2517,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2518,"meta":2519,"rev":1905},1765588671527,"4c4ed790409241029b5c36d281989be6","GB Hackers ConsentFix covg 12.12.25",[],{"url":2512,"date":2497,"title":2513,"image":2514},"https://gbhackers.com/consentfix-attack-lets-hackers-hijack-microsoft-accounts/","ConsentFix attack lets hackers hijack Microsoft accounts via Azure CLI abuse","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fc682d314e0d04e53b56947e72588139e",{},1765588735509,1765588735497,[],{"breakpoints":2520,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2522,"id":2523,"name":2524,"modelId":1892,"published":13,"query":2525,"data":2526,"variations":2530,"lastUpdated":2531,"firstPublished":2532,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2533,"meta":2534,"rev":1905},1765588552747,"7dd9a9ed4b0c4fb18ee2d44f3e7dfb8b","SC Magazine ConsentFix covg  12.12.25",[],{"title":2527,"date":2497,"url":2528,"image":2529},"Microsoft account takeovers eased by new ConsentFix attack","https://www.scworld.com/brief/microsoft-account-takeovers-eased-by-new-consentfix-attack","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8ea70ebc671e41ddac4cbb8c729239bf",{},1765588663106,1765588663095,[],{"breakpoints":2535,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2537,"id":2538,"name":2539,"modelId":1892,"published":13,"query":2540,"data":2541,"variations":2545,"lastUpdated":2546,"firstPublished":2547,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2548,"meta":2549,"rev":1905},1765558395804,"f9573d88aa38429a85e559d38cac0da8","CSO Online ConsentFix covg 12.11.25",[],{"title":2542,"date":321,"url":2543,"image":2544},"Meet ConsentFix, a new twist on the ClickFix phishing attack","https://www.csoonline.com/article/4105230/meet-consentfix-a-new-twist-on-the-clickfix-phishing-attack.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F4416fd877c2f4b2f8761bd4c4130e087",{},1765558453935,1765558453921,[],{"breakpoints":2550,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2552,"id":2553,"name":2554,"modelId":1892,"published":13,"query":2555,"data":2556,"variations":2559,"lastUpdated":2560,"firstPublished":2561,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2562,"meta":2563,"rev":1905},1765558238257,"2e109e06550a43c2ad7ac0ca6331e419","Risky Biz News ConstentFix 12.12.25",[],{"title":2557,"date":2497,"url":2558,"image":2407},"ConsentFix attack","https://news.risky.biz/risky-bulletin-eu-has-a-problem-attracting-and-retaining-cyber-talent/",{},1765558390283,1765558390271,[],{"breakpoints":2564,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2566,"id":2567,"name":2568,"modelId":1892,"published":13,"query":2569,"data":2570,"variations":2573,"lastUpdated":2574,"firstPublished":2575,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2576,"meta":2577,"rev":1905},1765469636103,"340b0e7f1a304117ab582722f05e8e32","Bleeping Computer ConsentFix covg 12.11.25",[],{"title":2571,"url":2572,"date":321,"image":1994},"New ConsentFix attack hijacks Microsoft accounts via Azure CLI","https://www.bleepingcomputer.com/news/security/new-consentfix-attack-hijacks-microsoft-accounts-via-azure-cli/",{},1765469736998,1765469736985,[],{"breakpoints":2578,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2580,"id":2581,"name":2582,"modelId":1892,"published":13,"query":2583,"data":2584,"variations":2589,"lastUpdated":2590,"firstPublished":2591,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2592,"meta":2593,"rev":1905},1765148102020,"4df69320406d4efca8587d2cde16b57f","CIO National Review Calendly covg 12.4.25 ",[],{"url":2585,"title":2586,"image":2587,"date":2588},"https://nationalcioreview.com/articles-insights/extra-bytes/calendly-emails-impersonate-major-brands-in-new-credential-theft-scheme/","Calendly emails impersonate major brands in new credential theft scheme","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F89703900d321432c98585f9e078498cf","Thu Dec 04 2025 00:00:00 GMT-0800 (Pacific Standard Time)",{},1765148186771,1765148172790,[],{"breakpoints":2594,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2596,"id":2597,"name":2598,"modelId":1892,"published":13,"query":2599,"data":2600,"variations":2604,"lastUpdated":2605,"firstPublished":2606,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2607,"meta":2608,"rev":1905},1764869554092,"56ca72af985e4a7d99b106e64575df87","SC Magazine Calendly covg 12.3.25",[],{"title":2601,"date":2602,"url":2603,"image":2529},"Ongoing Calendly phishing scheme impersonates major brands","Wed Dec 03 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.scworld.com/brief/ongoing-calendly-phishing-scheme-impersonates-major-brands",{},1764869599039,1764869599025,[],{"breakpoints":2609,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2611,"id":2612,"name":2613,"modelId":1892,"published":13,"query":2614,"data":2615,"variations":2618,"lastUpdated":2619,"firstPublished":2620,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2621,"meta":2622,"rev":1905},1764869466225,"80f5dc65e67e440c84c96094a7dbc8ef","Cybersecurity News Calendly covg 12.4.25",[],{"title":2616,"date":2588,"url":2617,"image":2499},"Hackers using Calendly-themed phishing attack to steal Google Workspace account","https://cybersecuritynews.com/hackers-using-calendly-themed-phishing-attack/",{},1764869534791,1764869534779,[],{"breakpoints":2623,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2625,"id":2626,"name":2627,"modelId":1892,"published":13,"query":2628,"data":2629,"variations":2632,"lastUpdated":2633,"firstPublished":2634,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2635,"meta":2636,"rev":1905},1764869345227,"7fb8db6aae0246338314b3e7be6dc2e1","GBHackers Calendly covg ",[],{"date":2602,"title":2630,"url":2631,"image":2514},"New Calendly-inspired phishing attack aims to steal Google Workspace credentials","https://gbhackers.com/calendly-inspired-phishing/",{},1764869446853,1764869446848,[],{"breakpoints":2637,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2639,"id":2640,"name":2641,"modelId":1892,"published":13,"query":2642,"data":2643,"variations":2647,"lastUpdated":2648,"firstPublished":2649,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2650,"meta":2651,"rev":1905},1764686012316,"2a4f8f8e094f4e049c29118e79405314","BleepingComputer Calendly covg 12.2.25",[],{"url":2644,"date":2645,"title":2646,"image":1994},"https://www.bleepingcomputer.com/news/security/fake-calendly-invites-spoof-top-brands-to-hijack-ad-manager-accounts/","Tue Dec 02 2025 00:00:00 GMT-0800 (Pacific Standard Time)","Fake Calendly invites spoof top brands to hijack ad manager accounts",{},1764686122781,1764686122769,[],{"breakpoints":2652,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2654,"id":2655,"name":2656,"modelId":1892,"published":13,"query":2657,"data":2658,"variations":2662,"lastUpdated":2663,"firstPublished":2664,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2665,"meta":2666,"rev":1905},1763702945083,"0e54d0e51482444696748d8b2fd98353","CSO Online Sneaky 2FA covg 11.20.25",[],{"date":2659,"url":2660,"title":2661,"image":2544},"Thu Nov 20 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.csoonline.com/article/4094165/sneaky2fa-phishing-tool-adds-ability-to-insert-legit-looking-urls.html","Sneaky2FA phishing tool adds ability to insert legit-looking URLs",{},1763703125793,1763703125781,[],{"kind":36,"breakpoints":2667,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2669,"id":2670,"name":2671,"modelId":1892,"published":13,"query":2672,"data":2673,"variations":2677,"lastUpdated":2678,"firstPublished":2679,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2680,"meta":2681,"rev":1905},1763666026198,"fd03f07d887c4b3fb1b054149f091c3e","SC Magazine Sneaky 2FA covg 11.19.25",[],{"date":2674,"url":2675,"title":2676,"image":2195},"Wed Nov 19 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.scworld.com/brief/bitb-integrated-into-updated-sneaky-2fa-phaas-kit","BitB integrated into updated Sneaky 2FA PhaaS kit",{},1763666083690,1763666083680,[],{"breakpoints":2682,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2684,"id":2685,"name":2686,"modelId":1892,"published":13,"query":2687,"data":2688,"variations":2692,"lastUpdated":2693,"firstPublished":2694,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2695,"meta":2696,"rev":1905},1763655272869,"8bc9b208121f45dfb439055a697610e7","Bleeping Computer Sneaky 2FA covg 11.19.25",[],{"date":2674,"url":2689,"title":2690,"image":2691},"https://www.bleepingcomputer.com/news/security/sneaky2fa-phaas-kit-now-uses-redteamers-browser-in-the-browser-attack/","Sneaky2FA PhaaS kit now uses redteamers' Browser-in-the-Browser attack","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F36bf8a57288a46249bd63de631f5f7ba",{},1763655342102,1763655342088,[],{"breakpoints":2697,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2699,"id":2700,"name":2701,"modelId":1892,"published":13,"meta":2702,"query":2704,"data":2705,"variations":2708,"lastUpdated":2709,"firstPublished":2710,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2711,"rev":1905},1763583238248,"5581a088f27a46509dbb9e0db3a6c388","GBHackers Sneaky 2FA covg 11.19.25",{"breakpoints":2703,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},[],{"date":2674,"image":2514,"url":2706,"title":2707},"https://gbhackers.com/new-phishing-kit/","New phishing kit using BitB technique targets Microsoft accounts to steal credentials via Sneaky 2FA attack",{},1763583307561,1763583307548,[],{"createdDate":2713,"id":2714,"name":2715,"modelId":1892,"published":13,"query":2716,"data":2717,"variations":2720,"lastUpdated":2721,"firstPublished":2722,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2723,"meta":2724,"rev":1905},1763581208571,"c91f0750197248d4a8c67a813998fd2f","Cybersecurity News Sneaky 2FA coverage 11.19.25",[],{"title":2718,"date":2674,"url":2719,"image":2499},"New Sneaky 2FA phishing kit with BitB technique attacking users to steal Microsoft account credentials","https://cybersecuritynews.com/new-sneaky-2fa-phishing-kit-with-bitb-technique-attacking-users/",{},1763581282640,1763581282624,[],{"breakpoints":2725,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2727,"id":2728,"name":2729,"modelId":1892,"published":13,"query":2730,"data":2731,"variations":2735,"lastUpdated":2736,"firstPublished":2737,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2738,"meta":2739,"rev":1905},1763491298594,"308df4bb1a094898b6f8b3972110418b","THN Sneaky 2FA coverage 11.18.25",[],{"title":2732,"date":2733,"url":2734,"image":1946},"Sneaky 2FA phishing kit adds BitB pop-ups designed to mimic the browser address bar","Tue Nov 18 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://thehackernews.com/2025/11/sneaky-2fa-phishing-kit-adds-bitb-pop.html",{},1763491363109,1763491363097,[],{"breakpoints":2740,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2742,"id":2743,"name":2744,"modelId":1892,"published":13,"query":2745,"data":2746,"variations":2750,"lastUpdated":2751,"firstPublished":2752,"testRatio":33,"createdBy":72,"lastUpdatedBy":222,"folders":2753,"meta":2754,"rev":1905},1763386847074,"f019425360414324be53082f44bb2529","THN 11/17/2025",[],{"url":2747,"date":2748,"title":2749,"image":2070},"https://thehackernews.com/2025/11/5-reasons-why-attackers-are-phishing.html","Mon Nov 17 2025 12:00:00 GMT+0000 (Greenwich Mean Time)","5 Reasons Why Attackers Are Phishing Over LinkedIn",{},1763491290840,1763386891096,[],{"breakpoints":2755,"lastPreviewUrl":37,"kind":36,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2757,"id":2758,"name":2759,"modelId":1892,"published":13,"query":2760,"data":2761,"variations":2766,"lastUpdated":2767,"firstPublished":2768,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2769,"meta":2770,"rev":1905},1762880656430,"e1b2f0f439ab4727b2b3efc8c7ff96ae","Ars Technica 11.11.25",[],{"image":2762,"date":2763,"url":2764,"title":2765},"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F19e072045f1848ccaf1908e7bdd9761a","Tue Nov 11 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://arstechnica.com/security/2025/11/clickfix-may-be-the-biggest-security-threat-your-family-has-never-heard-of/","ClickFix may be the biggest security threat your family has never heard of",{},1762884134919,1762880709413,[],{"kind":36,"lastPreviewUrl":37,"breakpoints":2771,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2773,"id":2774,"name":2775,"modelId":1892,"published":13,"query":2776,"data":2777,"variations":2781,"lastUpdated":2782,"firstPublished":2783,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2784,"meta":2785,"rev":1905},1762825858961,"1163986d94f84e6c874e7640a8bb5ca8","The Hacker News 11.10.25",[],{"title":2778,"date":2779,"url":2780,"image":1946},"Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware","Mon Nov 10 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://thehackernews.com/2025/11/large-scale-clickfix-phishing-attacks.html",{},1762825939779,1762825939765,[],{"breakpoints":2786,"kind":36,"lastPreviewUrl":37,"hasAutosaves":41},{"xsmall":57,"small":39,"medium":40},{"createdDate":2788,"id":2789,"name":2790,"modelId":1892,"published":13,"query":2791,"data":2792,"variations":2796,"lastUpdated":2797,"firstPublished":2798,"testRatio":33,"createdBy":72,"lastUpdatedBy":222,"folders":2799,"meta":2800,"rev":1905},1762787628852,"393eccca06d146e69ecfb8f0dffa3151","Bleeping computer 11/10/2025",[],{"url":2793,"title":2794,"image":1994,"date":2795},"https://www.bleepingcomputer.com/news/security/5-reasons-why-attackers-are-phishing-over-linkedin/","5 reasons why attackers are phishing over LinkedIn","Mon Nov 10 2025 13:00:00 GMT+0000 (Greenwich Mean Time)",{},1762825967348,1762787687347,[],{"kind":36,"lastPreviewUrl":37,"breakpoints":2801,"hasAutosaves":41},{"xsmall":57,"small":39,"medium":40},{"createdDate":2803,"id":2804,"name":2805,"modelId":1892,"published":13,"query":2806,"data":2807,"variations":2812,"lastUpdated":2813,"firstPublished":2814,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2815,"meta":2816,"rev":1905},1762626307695,"83025ff7899e4dceb630f2fd08a4072e","eSecurity Planet 11.7.25",[],{"title":2808,"date":2809,"url":2810,"image":2811},"ClickFix malware evolves with multi-OS support and video tutorials","Fri Nov 07 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.esecurityplanet.com/threats/clickfix-malware-evolves-with-multi-os-support-and-video-tutorials/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fd2c60d8a0ffc4d3bbac11c159cd66abd",{},1762626358641,1762626358630,[],{"breakpoints":2817,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2819,"id":2820,"name":2821,"modelId":1892,"published":13,"query":2822,"data":2823,"variations":2826,"lastUpdated":2827,"firstPublished":2828,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2829,"meta":2830,"rev":1905},1762544396960,"f248c42225584ee1b4c48cecd787771c","SC Magazine - ClickFix 11.7.25",[],{"title":2824,"date":2809,"url":2825,"image":2529},"New ClickFix attacks feature ‘self-infection’ videos","https://www.scworld.com/news/new-clickfix-attacks-feature-self-infection-videos",{},1762544447163,1762544447149,[],{"breakpoints":2831,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2833,"id":2834,"name":2835,"modelId":1892,"published":13,"query":2836,"data":2837,"variations":2840,"lastUpdated":2841,"firstPublished":2842,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2843,"meta":2844,"rev":1905},1762544277875,"1149df5149b046a6bed634a0fec7cca0","Cybersecurity News 11.7.25",[],{"title":2838,"url":2839,"date":2809,"image":2499},"ClickFix attacks evolved with weaponized videos that tricks users via self-infection process","https://cybersecuritynews.com/clickfix-attacks-evolved-with-weaponized-videos/",{},1762544338325,1762544338310,[],{"breakpoints":2845,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2847,"id":2848,"name":2849,"modelId":1892,"published":13,"query":2850,"data":2851,"variations":2855,"lastUpdated":2856,"firstPublished":2857,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2858,"meta":2859,"rev":1905},1762544197059,"473ad3c507eb438796589d7137cbbd87","TechRadar Pro 11.7.25",[],{"title":2852,"date":2853,"url":2854,"image":2040},"Experts warn ClickFix malware attacks are back, and more dangerous than ever before - here's how to stay safe","Fri Nov 07 2025 00:02:00 GMT-0800 (Pacific Standard Time)","https://www.techradar.com/pro/security/experts-warn-clickfix-malware-attacks-are-back-and-more-dangerous-than-ever-before",{},1762544255461,1762544255446,[],{"breakpoints":2860,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2862,"id":2863,"name":2864,"modelId":1892,"published":13,"query":2865,"data":2866,"variations":2870,"lastUpdated":2871,"firstPublished":2872,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2873,"meta":2874,"rev":1905},1762544114376,"a020ce8b19464aefb709af15402cf60e","SecurityWeek 11.7.25",[],{"url":2867,"date":2868,"title":2869,"image":2240},"https://www.securityweek.com/clickfix-attacks-against-macos-users-evolving/","Fri Nov 07 2025 00:01:00 GMT-0800 (Pacific Standard Time)","ClickFix attacks against macOS users evolving",{},1762544191057,1762544191043,[],{"breakpoints":2875,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2877,"id":2878,"name":2879,"modelId":1892,"published":13,"query":2880,"data":2881,"variations":2885,"lastUpdated":2886,"firstPublished":2887,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2888,"meta":2889,"rev":1905},1762544049378,"c740917cbf94428a8ca995c252f61384","Cyberwire 11.7.25",[],{"title":2882,"date":2809,"url":2883,"image":2884},"Sophisticated ClickFix campaign targets Mac users","https://thecyberwire.com/newsletters/daily-briefing/14/214","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fd86483d891a94ef9be8394a20e649e6a",{},1762544106532,1762544106517,[],{"breakpoints":2890,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2892,"id":2893,"name":2894,"modelId":1892,"published":13,"query":2895,"data":2896,"variations":2900,"lastUpdated":2901,"firstPublished":2902,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2903,"meta":2904,"rev":1905},1762530865915,"f40e34bb86f44e46b86f48e039e2047e","Risky Business 11.7.25",[],{"title":2897,"url":2898,"image":2899,"date":2809},"Arrests, cybercrime, and threat intel","https://risky.biz/risky-bulletin-europol-arrests-payment-service-executives-for-role-in-credit-card-fraud-ring/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0711aacafd8042449739851214085715",{},1762531197354,1762531180634,[],{"breakpoints":2905,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2907,"id":2908,"name":2909,"modelId":1892,"published":13,"query":2910,"data":2911,"variations":2915,"lastUpdated":2916,"firstPublished":2917,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2918,"meta":2919,"rev":1905},1762530734034,"fe13862ebcd047b8adc4d76a83d95f94","HelpNet Security 11.7.25",[],{"title":2912,"date":2809,"url":2913,"image":2914},"Attackers upgrade ClickFix with tricks used by online stores","https://www.helpnetsecurity.com/2025/11/07/newest-clickfix-tricks/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0bfab47bca5b4e58a278b9b30f27f2f0",{},1762530851870,1762530851855,[],{"breakpoints":2920,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2922,"id":2923,"name":2924,"modelId":1892,"published":13,"query":2925,"data":2926,"variations":2931,"lastUpdated":2932,"firstPublished":2933,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2934,"meta":2935,"rev":1905},1762465369069,"5154d24b5f9545e4814c4aeec2cb9834","Tom's Guide coverage 11.6.25",[],{"title":2927,"date":2928,"url":2929,"image":2930},"ClickFix attacks just got a major upgrade to trick you into infecting your computer with malware — don't fall for this","Thu Nov 06 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://www.tomsguide.com/computing/malware-adware/clickfix-attacks-just-got-a-major-upgrade-to-trick-you-into-infecting-your-computer-with-malware-dont-fall-for-this","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F3199c910a2f74de0aa3e884357432227",{},1762465417810,1762465417802,[],{"breakpoints":2936,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2938,"id":2939,"name":2940,"modelId":1892,"published":13,"query":2941,"data":2942,"variations":2945,"lastUpdated":2946,"firstPublished":2947,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2948,"meta":2949,"rev":1905},1762442767784,"3b991cd1e1f8406784ecb76dfea5dab5","Bleeping Computer covg ClickFix 11.6.25",[],{"title":2943,"date":2928,"url":2944,"image":1994},"ClickFix malware attacks evolve with multi-OS support, video tutorials","https://www.bleepingcomputer.com/news/security/clickfix-malware-attacks-evolve-with-multi-os-support-video-tutorials/",{},1762442923468,1762442923454,[],{"breakpoints":2950,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2952,"id":2953,"name":2954,"modelId":1892,"published":13,"query":2955,"data":2956,"variations":2960,"lastUpdated":2961,"firstPublished":2962,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2963,"meta":2964,"rev":1905},1762184560199,"8f62d571236349798ac17c1e81d047a1","The Hacker News coverage 11.3.25",[],{"title":2957,"date":2958,"url":2959,"image":2148},"Hackers abuse LinkedIn to target finance executives ","Mon Nov 03 2025 00:00:00 GMT-0800 (Pacific Standard Time)","https://thehackernews.com/2025/11/weekly-recap-lazarus-hits-web3-intelamd.html",{},1762184662730,1762184662720,[],{"breakpoints":2965,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2967,"id":2968,"name":2969,"modelId":1892,"published":13,"query":2970,"data":2971,"variations":2975,"lastUpdated":2976,"firstPublished":2977,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2978,"meta":2979,"rev":1905},1762184482687,"946db957decb45889bd8d59a5f5c0607","Digit News coverage 11.3.25",[],{"title":2972,"date":2958,"url":2973,"image":2974},"Hackers exploiting LinkedIn DMs in major phishing campaign","https://www.digit.fyi/hackers-exploiting-linkedin-dms-in-major-phishing-campaign/","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F17f3b7a989af4acbbd826ca77fc54af6",{},1762184541405,1762184541390,[],{"breakpoints":2980,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2982,"id":2983,"name":2984,"modelId":1892,"published":13,"query":2985,"data":2986,"variations":2990,"lastUpdated":2991,"firstPublished":2992,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":2993,"meta":2994,"rev":1905},1761961315095,"9d78bbed0daa4b84be79bd7365af4869","SC Magazine covg LinkedIn 10.31.25",[],{"title":2987,"date":2988,"url":2989,"image":1931},"New LinkedIn phishing campaign targets finance executives","Fri Oct 31 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.scworld.com/brief/new-linkedin-phishing-campaign-targets-finance-executives",{},1761961578583,1761961578567,[],{"breakpoints":2995,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":2997,"id":2998,"name":2999,"modelId":1892,"published":13,"query":3000,"data":3001,"variations":3005,"lastUpdated":3006,"firstPublished":3007,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3008,"meta":3009,"rev":1905},1761947171521,"2ce3789549db412aa99b58872d78fb0e","Computing UK covg LinkedIn 10.31.25",[],{"url":3002,"date":3003,"title":3004,"image":2025},"https://www.computing.co.uk/news/2025/security/linkedin-phishers-target-executives-with-fake-board-invitations","Fri Oct 31 2025 00:03:00 GMT-0700 (Pacific Daylight Time)","LinkedIn phishers target executives with fake board invitations",{},1761947289516,1761947289502,[],{"breakpoints":3010,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":3012,"id":3013,"name":3014,"modelId":1892,"published":13,"query":3015,"data":3016,"variations":3020,"lastUpdated":3021,"firstPublished":3022,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3023,"meta":3024,"rev":1905},1761945728360,"03afaafcb7814d74af6589a6d7387fd8","Forbes coverage 10.31.25",[],{"title":3017,"date":3018,"image":2455,"url":3019},"LinkedIn DM attack warning — what users need to know","Fri Oct 31 2025 00:01:00 GMT-0700 (Pacific Daylight Time)","https://www.forbes.com/sites/daveywinder/2025/10/31/linkedin-dm-attack-warning---what-users-need-to-know/",{},1761945955728,1761945939660,[],{"lastPreviewUrl":37,"breakpoints":3025,"kind":36,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":3027,"id":3028,"name":3029,"modelId":1892,"published":13,"query":3030,"data":3031,"variations":3034,"lastUpdated":3035,"firstPublished":3036,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3037,"meta":3038,"rev":1905},1761945120534,"affd2e99a6db4d9a861ccd39b21a3ece","TechRadar covg LinkedIn phishing 10.31.25",[],{"title":3032,"date":2988,"url":3033,"image":2040},"New LinkedIn phishing scam targets executives with fake board positions","https://www.techradar.com/pro/security/linkedin-scammers-target-executives-with-fake-board-positions",{},1761945175881,1761945175869,[],{"breakpoints":3039,"kind":36,"lastPreviewUrl":37,"hasAutosaves":41},{"xsmall":57,"small":39,"medium":40},{"createdDate":3041,"id":3042,"name":3043,"modelId":1892,"published":13,"query":3044,"data":3045,"variations":3049,"lastUpdated":3050,"firstPublished":3051,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3052,"meta":3053,"rev":1905},1761925374078,"58f52d3ae94b41818f4440a4066907bf","MSSP Alert covg GPS news 10.31.25",[],{"date":2988,"url":3046,"title":3047,"image":3048},"https://www.msspalert.com/news/push-security-and-guidepoint-partner-to-deliver-browser-based-detection-and-response","Push Security and GuidePoint partner to deliver browser-based detection and response","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F1c5c45d781a24850a25a474a0a54ca55",{},1761925544631,1761925544627,[],{"breakpoints":3054,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":3056,"id":3057,"name":3058,"modelId":1892,"published":13,"query":3059,"data":3060,"variations":3063,"lastUpdated":3064,"firstPublished":3065,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3066,"meta":3067,"rev":1905},1761838982466,"be4f6c4324c6451b9d6d569ac7f27f31","Bleeping Computer coverage LinkedIn Campaign 10.30.25",[],{"image":2691,"url":3061,"date":357,"title":3062},"https://www.bleepingcomputer.com/news/security/linkedin-phishing-targets-finance-execs-with-fake-board-invites/","LinkedIn phishing targets finance execs with fake board invites",{},1761839107201,1761839083538,[],{"breakpoints":3068,"lastPreviewUrl":37,"kind":36,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":3070,"id":3071,"name":3072,"modelId":1892,"published":13,"meta":3073,"query":3075,"data":3076,"variations":3080,"lastUpdated":3081,"firstPublished":3082,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3083,"rev":1905},1761681021052,"ac43ae2fa82445948a210c110b96ce37","Channel Insider GPS news 10.28.25",{"breakpoints":3074,"kind":36,"lastPreviewUrl":37},{"xsmall":57,"small":39,"medium":40},[],{"url":3077,"date":393,"title":3078,"image":3079},"https://www.channelinsider.com/security/managed-services/push-security-guidepoint-partnership/","Push Security & GuidePoint Security announce partnership","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ffbe34c3f83b2441a8dccb76789212dc4",{},1761681086588,1761681086574,[],{"createdDate":3085,"id":3086,"name":3087,"modelId":1892,"published":13,"meta":3088,"query":3090,"data":3091,"variations":3096,"lastUpdated":3097,"firstPublished":3098,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3099,"rev":1905},1761346114618,"6cdbb3d6778943b29b9a8a49f5d702c7","The Hacker News - 10.20.25",{"breakpoints":3089,"kind":36,"lastPreviewUrl":37},{"xsmall":57,"small":39,"medium":40},[],{"title":3092,"date":3093,"url":3094,"image":3095},"Analysing ClickFix: 3 reasons why copy/paste attacks are driving security breaches","Mon Oct 20 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","https://thehackernews.com/2025/10/analysing-clickfix-3-reasons-why.html","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F98cb9bc215834c0e8b3e343b30460d74",{},1761346212903,1761346212888,[],{"createdDate":3101,"id":3102,"name":3103,"modelId":1892,"published":13,"meta":3104,"query":3106,"data":3107,"variations":3112,"lastUpdated":3113,"firstPublished":3114,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3115,"rev":1905},1760476919714,"cb5d689a1542442595127fb06115ba39","Cybercrime Magazine podcast 10.7.25",{"lastPreviewUrl":37,"breakpoints":3105,"kind":36},{"xsmall":57,"small":39,"medium":40},[],{"image":3108,"date":3109,"title":3110,"url":3111},"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fcfc7e4d4644945c1b7e88780af073dc5","Tue Oct 07 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","Fighting identity attacks. Push Security secures $30M in funding.","https://soundcloud.com/cybercrimemagazine/fighting-identity-attacks-push-security-secures-30m-funding-adam-bateman-cofounder-ceo",{},1760540162536,1760477002768,[],{"data":3117,"variations":3122,"name":3123,"createdDate":3124,"testRatio":33,"published":13,"meta":3125,"lastUpdatedBy":222,"createdBy":222,"folders":3127,"firstPublished":3128,"modelId":1892,"id":3129,"lastUpdated":3130,"query":3131,"rev":1905},{"title":3118,"url":3119,"image":3120,"date":3121},"Hackers are looking to steal Microsoft logins using some devious new tricks - here's how to stay safe","https://www.msn.com/en-us/money/other/hackers-are-looking-to-steal-microsoft-logins-using-some-devious-new-tricks-here-s-how-to-stay-safe/ar-AA1Lav17","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F61beebb7353d414086bcebc081ac5500","Mon Aug 25 2025 00:01:00 GMT-0700 (Pacific Daylight Time)",{},"MSN.com ADFS coverage 8.25.25",1758836339904,{"lastPreviewUrl":37,"breakpoints":3126,"kind":36},{"medium":40,"small":39,"xsmall":57},[],1758836400724,"3241a0a6618d44f9ae140d91f4cd1387",1758836400736,[],{"testRatio":33,"folders":3133,"query":3134,"lastUpdated":3135,"published":13,"createdDate":3136,"variations":3137,"name":3138,"id":3139,"data":3140,"createdBy":222,"meta":3145,"lastUpdatedBy":222,"modelId":1892,"firstPublished":3147,"rev":1905},[],[],1758737920402,1758737823316,{},"Bloomberg coverage 9.24.25","6539b9daae5e4840b163c64a6fc3fb79",{"title":3141,"url":3142,"image":3143,"date":3144},"Hackers are trying to scam tech bosses through LinkedIn","https://www.bloomberg.com/news/newsletters/2025-09-24/hackers-are-trying-to-scam-tech-bosses-through-linkedin","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F1b6cc4a2b61e43fc9ac9b030ddf8862a","Wed Sep 24 2025 00:00:00 GMT-0700 (Pacific Daylight Time)",{"lastPreviewUrl":37,"breakpoints":3146,"kind":36},{"xsmall":57,"small":39,"medium":40},1758737920387,{"meta":3149,"createdDate":3151,"lastUpdatedBy":222,"id":3152,"firstPublished":3153,"createdBy":222,"query":3154,"folders":3155,"data":3156,"testRatio":33,"modelId":1892,"variations":3161,"name":3162,"published":13,"lastUpdated":3163,"rev":1905},{"breakpoints":3150,"kind":36,"lastPreviewUrl":37},{"medium":40,"small":39,"xsmall":57},1758562786655,"718153bdabe3414094b0d4ec3c7de705",1758562873907,[],[],{"title":3157,"date":3158,"image":3159,"url":3160},"Who is Scattered Spider? Crypto.com breach and major London cyber attacks the result of crime network","Mon Sep 22 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F684ea0cae41d4f9ea0dded0fd1597fea","https://www.ccn.com/news/technology/who-is-scattered-spider-crypto-com-tfl/",{},"CCN coverage Scattered Spider blog post 9.22.25",1758562873921,{"firstPublished":3165,"folders":3166,"meta":3167,"modelId":1892,"createdDate":3169,"name":3170,"published":13,"data":3171,"id":3176,"createdBy":222,"query":3177,"lastUpdatedBy":222,"variations":3178,"testRatio":33,"lastUpdated":3179,"rev":1905},1758297128886,[],{"kind":36,"lastPreviewUrl":37,"breakpoints":3168},{"medium":40,"small":39,"xsmall":57},1758297056575,"Decipher podcast w/ Adam 9.19.25",{"url":3172,"title":3173,"image":3174,"date":3175},"https://decipher.sc/videos/new-targeted-phishing-attack-trends-with-adam-bateman-of-push-security/","New targeted phishing attack trends with Adam Bateman of Push Security","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ff7fe6fbe4eae4384bdea240c10b6455b","Fri Sep 19 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","caf3a388a71d477089665f72589ddc3a",[],{},1758297128899,{"createdDate":3181,"id":3182,"name":3183,"modelId":1892,"published":13,"meta":3184,"query":3186,"data":3187,"variations":3191,"lastUpdated":3192,"firstPublished":3193,"testRatio":33,"createdBy":72,"lastUpdatedBy":222,"folders":3194,"rev":1905},1758013870880,"45f6c7c9e5334068a73e7410cd2f1e5b","THN 09/15/25",{"kind":36,"lastPreviewUrl":37,"breakpoints":3185},{"xsmall":57,"small":39,"medium":40},[],{"date":3188,"image":3095,"title":3189,"url":3190},"Mon Sep 15 2025 08:00:00 GMT+0100 (British Summer Time)","6 browser-based attacks security teams need to prepare for right now","https://thehackernews.com/2025/09/6-browser-based-attacks-security-teams.html",{},1761346228352,1758013933935,[],{"createdDate":3196,"id":3197,"name":3198,"modelId":1892,"published":13,"meta":3199,"query":3201,"data":3202,"variations":3207,"lastUpdated":3208,"firstPublished":3209,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3210,"rev":1905},1757995415465,"2067a743118f4aab8b25eae5d14f7653","ChannelE2E coverage M. Orlando 9.12.25",{"breakpoints":3200,"kind":36,"lastPreviewUrl":37},{"xsmall":57,"small":39,"medium":40},[],{"title":3203,"date":3204,"url":3205,"image":3206},"Changes in the channel: Push Security names Mark Orlando as Field CTO","Fri Sep 12 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.channele2e.com/news/changes-in-the-channel-people-moves-and-shakeups-september-01-september-05","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fa4c417281e1044e784c2f31db77e9cf4",{},1757995547792,1757995547780,[],{"createdDate":3212,"id":3213,"name":3214,"modelId":1892,"published":13,"meta":3215,"query":3217,"data":3218,"variations":3222,"lastUpdated":3223,"firstPublished":3224,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3225,"rev":1905},1757459251727,"a04ec6d94e2b42f0812c7fcd855b33bc","WSJ Pro coverage M. Orlando 9.9.25",{"breakpoints":3216,"kind":36,"lastPreviewUrl":37},{"xsmall":57,"small":39,"medium":40},[],{"url":3219,"date":432,"title":3220,"image":3221},"https://createsend.com/t/d-34D71C6EF37107C52540EF23F30FEDED","Push Security appointed new Field CTO Mark Orlando","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fccd788c48e664f9482e117004096a1fe",{},1757459800243,1757459800230,[],{"createdDate":3227,"id":3228,"name":3229,"modelId":1892,"published":13,"meta":3230,"query":3232,"data":3233,"variations":3236,"lastUpdated":3237,"firstPublished":3238,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3239,"rev":1905},1757459139380,"cc02ef9096ef4857830e0abf7442a791","Dark Reading coverage m. Orlando 9.9.25",{"breakpoints":3231,"kind":36,"lastPreviewUrl":37},{"xsmall":57,"small":39,"medium":40},[],{"title":3234,"date":432,"image":2210,"url":3235},"Is the browser becoming the new endpoint?","https://www.darkreading.com/endpoint-security/browser-becoming-new-endpoint",{},1757459242500,1757459242482,[],{"createdDate":3241,"id":3242,"name":3243,"modelId":1892,"published":13,"meta":3244,"query":3246,"data":3247,"variations":3251,"lastUpdated":3252,"firstPublished":3253,"testRatio":33,"createdBy":72,"lastUpdatedBy":72,"folders":3254,"rev":1905},1756997467810,"289d3daac835433e84d3032ad92b4382","Bleeping Computer 09042025",{"breakpoints":3245,"kind":36,"lastPreviewUrl":37},{"xsmall":57,"small":39,"medium":40},[],{"title":3248,"date":3249,"url":3250,"image":2691},"Bleeping Computer: 6 browser-based attacks all security teams should be ready for in 2025","Thu Sep 04 2025 13:00:00 GMT+0100 (British Summer Time)","https://www.bleepingcomputer.com/news/security/6-browser-based-attacks-all-security-teams-should-be-ready-for-in-2025/",{},1756997532576,1756997532572,[],{"createdDate":3256,"id":3257,"name":3258,"modelId":1892,"published":13,"meta":3259,"query":3261,"data":3262,"variations":3266,"lastUpdated":3267,"firstPublished":3268,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3269,"rev":1905},1756831191612,"48b2318a5eb04b1193035e82b210239f","The Hacked News ADFS coverage 8.30.25",{"breakpoints":3260,"kind":36,"lastPreviewUrl":37},{"xsmall":57,"small":39,"medium":40},[],{"title":3263,"date":3264,"url":3265,"image":3095},"Attackers abuse Velociraptor forensic tool to deploy visual studio code for C2 tunneling","Sat Aug 30 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","https://thehackernews.com/2025/08/attackers-abuse-velociraptor-forensic.html",{},1756831285450,1756831285437,[],{"createdDate":3271,"id":3272,"name":3273,"modelId":1892,"published":13,"meta":3274,"query":3276,"data":3277,"variations":3282,"lastUpdated":3283,"firstPublished":3284,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3285,"rev":1905},1756310324356,"e1ce478e8605473a94800cf1c1230140","Cyber Defense Magazine - BH coverage - 8.27.25",{"lastPreviewUrl":37,"kind":36,"breakpoints":3275},{"xsmall":57,"small":39,"medium":40},[],{"image":3278,"date":3279,"title":3280,"url":3281},"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F39dbf17b39694a63b3f46c24ab02083e","Wed Aug 27 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","Black Hat ignites under Vegas lights","https://www.cyberdefensemagazine.com/black-hat-ignites-under-vegas-lights/",{},1760477116712,1756310546054,[],{"createdDate":3287,"id":3288,"name":3289,"modelId":1892,"published":13,"meta":3290,"query":3292,"data":3293,"variations":3297,"lastUpdated":3298,"firstPublished":3299,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3300,"rev":1905},1756233120701,"0367fca1664a4438a3917f7343700ff8","Computing UK ADFS coverage 8.21.25",{"lastPreviewUrl":37,"breakpoints":3291,"kind":36},{"xsmall":57,"small":39,"medium":40},[],{"date":3294,"title":3295,"url":3296,"image":2025},"Thu Aug 21 2025 01:00:00 GMT-0700 (Pacific Daylight Time)","Hackers exploit Microsoft ADFS with office.com redirects","https://www.computing.co.uk/news/2025/security/hackers-exploit-microsoft-adfs-with-office-com-redirects",{},1756233285186,1756233232672,[],{"createdDate":3302,"id":3303,"name":3304,"modelId":1892,"published":13,"meta":3305,"query":3307,"data":3308,"variations":3312,"lastUpdated":3313,"firstPublished":3314,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3315,"rev":1905},1756137886157,"33b9fd0e0432404b84576ed21886685b","TechRadarPro ADFS Coverage 8.25.25",{"breakpoints":3306,"kind":36,"lastPreviewUrl":37},{"xsmall":57,"small":39,"medium":40},[],{"title":3309,"date":3310,"image":2040,"url":3311},"Hackers are looking to steal Microsoft logins using some devious new tricks","Mon Aug 25 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.techradar.com/pro/security/hackers-are-looking-to-steal-microsoft-logins-using-some-devious-new-tricks-heres-how-to-stay-safe",{},1756137978207,1756137978194,[],{"createdDate":3317,"id":3318,"name":3319,"modelId":1892,"published":13,"meta":3320,"query":3322,"data":3323,"variations":3328,"lastUpdated":3329,"firstPublished":3330,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3331,"rev":1905},1755874652814,"bf14e809b69d4810bf1df172f30e271d","Mashable coverage ADFS 8.21.25",{"breakpoints":3321,"kind":36,"lastPreviewUrl":37},{"xsmall":57,"small":39,"medium":40},[],{"title":3324,"url":3325,"image":3326,"date":3327},"Hackers have figured out a new way to steal Microsoft logins","https://mashable.com/article/micrsoft-logins-stolen-hackers","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fdb2d6dc4aefb425a8110395807be7bab","Thu Aug 21 2025 02:00:00 GMT-0700 (Pacific Daylight Time)",{},1756233296035,1755874688332,[],{"createdDate":3333,"id":3334,"name":3335,"modelId":1892,"published":13,"meta":3336,"query":3338,"data":3339,"variations":3343,"lastUpdated":3344,"firstPublished":3345,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3346,"rev":1905},1755874550015,"f4e8a9ac5eb648e8ad56ab98910f7842","SC Magazine coverage ADFS 8.21.25",{"breakpoints":3337,"kind":36,"lastPreviewUrl":37},{"xsmall":57,"small":39,"medium":40},[],{"title":3340,"date":3341,"url":3342,"image":2529},"Microsoft 365 logins pilfered via ADFS-exploiting phishing campaign","Thu Aug 21 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","https://www.scworld.com/brief/microsoft-365-logins-pilfered-via-adfs-exploiting-phishing-campaign",{},1755874633745,1755874633734,[],{"createdDate":3348,"id":3349,"name":3350,"modelId":1892,"published":13,"meta":3351,"query":3353,"data":3354,"variations":3357,"lastUpdated":3358,"firstPublished":3359,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3360,"rev":1905},1755874484650,"1b997c535a6d486b9516b5de9da24d98","GBHackers coverage ADFS 8.21.25",{"breakpoints":3352,"kind":36,"lastPreviewUrl":37},{"xsmall":57,"small":39,"medium":40},[],{"title":3355,"date":3341,"url":3356,"image":2514},"New Campaign Uses Active Directory Federation Services to Steal M365 Credentials","https://gbhackers.com/new-campaign-uses-active-directory-federation-services/",{},1755874541413,1755874541404,[],{"createdDate":3362,"id":3363,"name":3364,"modelId":1892,"published":13,"meta":3365,"query":3367,"data":3368,"variations":3372,"lastUpdated":3373,"firstPublished":3374,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3375,"rev":1905},1755710887023,"00a33daf1de240faa61b257a3eb74f2d","Cyber Security News coverage ADFS 8.20.25",{"breakpoints":3366,"lastPreviewUrl":37,"kind":36},{"xsmall":57,"small":39,"medium":40},[],{"image":2499,"title":3369,"date":3370,"url":3371},"Hackers weaponize Active Directory Federation Services and office.com to steal Microsoft 365 logins","Wed Aug 20 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","https://cybersecuritynews.com/phishing-campaign-microsoft-365/",{},1755785935245,1755710983261,[],{"createdDate":3377,"id":3378,"name":3379,"modelId":1892,"published":13,"meta":3380,"query":3382,"data":3383,"variations":3386,"lastUpdated":3387,"firstPublished":3388,"testRatio":33,"createdBy":222,"lastUpdatedBy":222,"folders":3389,"rev":1905},1755704679673,"5a1d7096bf9a437493e723e32fd20a1e","Bleeping Computer Coverage on ADFS 8.20.25",{"breakpoints":3381,"kind":36,"lastPreviewUrl":37},{"xsmall":57,"small":39,"medium":40},[],{"title":3384,"date":3370,"url":3385,"image":2312},"Hackers steal Microsoft logins using legitimate ADFS redirects","https://www.bleepingcomputer.com/news/security/hackers-steal-microsoft-logins-using-legitimate-adfs-redirects/",{},1755704784856,1755704784843,[],{"createdDate":3391,"id":3392,"name":3393,"modelId":1892,"published":13,"meta":3394,"query":3396,"data":3397,"variations":3402,"lastUpdated":3403,"firstPublished":3404,"testRatio":33,"createdBy":72,"lastUpdatedBy":222,"folders":3405,"rev":1905},1755246631036,"1a8b7394549b43beae8c74c83f35ef70","Techstrong TV BH - 09152025",{"breakpoints":3395,"lastPreviewUrl":37,"kind":36},{"xsmall":57,"small":39,"medium":40},[],{"image":3398,"title":3399,"url":3400,"date":3401},"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ff14ea470e0564d97ab7b01a702b658a8","Why the browser is becoming a prime security battleground","https://securityboulevard.com/2025/08/why-the-browser-is-becoming-a-prime-security-battleground/","Thu Aug 14 2025 09:00:00 GMT+0100 (British Summer Time)",{},1755625254002,1755246879749,[],1776343283212]