SaaS sprawl and AI adoption surged in 2025, creating new security challenges. Here are the key product updates we delivered to help teams stay ahead.
SaaS sprawl and AI adoption surged in 2025, creating new security challenges. Here are the key product updates we delivered to help teams stay ahead.
A critical vulnerability was discovered in the Base44 vibe coding platform, recently acquired by Wix.
A critical vulnerability was discovered in the Base44 vibe coding platform, recently acquired by Wix.
On March 20, 2025, global hacking group HellCat launched a widespread ransomware attack specifically targeting Jira servers.
On March 20, 2025, global hacking group HellCat launched a widespread ransomware attack specifically targeting Jira servers.
A widespread phishing campaign has recently targeted nearly 12,000 GitHub repositories with fake “Security Alert” issues.
A widespread phishing campaign has recently targeted nearly 12,000 GitHub repositories with fake “Security Alert” issues.
Microsoft Threat Intelligence revealed that Silk Typhoon is exploiting stolen API keys, OAuth credentials, and PAM credentials in supply chain attacks.
Microsoft Threat Intelligence revealed that Silk Typhoon is exploiting stolen API keys, OAuth credentials, and PAM credentials in supply chain attacks.
Midnight Blizzard has been actively targeting organizations across various sectors since at least 2021.
Midnight Blizzard has been actively targeting organizations across various sectors since at least 2021.
A security incident has been identified involving Amazon’s Q Developer Extension for Visual Studio Code (VSC), version 1.84.0.
A security incident has been identified involving Amazon’s Q Developer Extension for Visual Studio Code (VSC), version 1.84.0.
Learn how to discover, assess, and remove unauthorized Otter AI accounts with Nudge Security's AI security tools.
Learn how to discover, assess, and remove unauthorized Otter AI accounts with Nudge Security's AI security tools.
A browser-based security solution can deliver powerful, real-time security insights and engagement as your workforce uses SaaS and GenAI apps. But it's not a silver bullet.
A browser-based security solution can deliver powerful, real-time security insights and engagement as your workforce uses SaaS and GenAI apps. But it's not a silver bullet.
High-Severity Data Exposure Vulnerability Identified in ServiceNow Platform (Count(er) Strike)
High-Severity Data Exposure Vulnerability Identified in ServiceNow Platform (Count(er) Strike)
AI meeting tools like Otter and Fireflies spread fast. Nudge Security helps you uncover and manage the risks.
AI meeting tools like Otter and Fireflies spread fast. Nudge Security helps you uncover and manage the risks.
Missteps like weak MFA enforcement, legacy auth, and excess admin access can open the door to attackers. Here's how to fix them before they’re exploited.
Missteps like weak MFA enforcement, legacy auth, and excess admin access can open the door to attackers. Here's how to fix them before they’re exploited.
Harden your Google Workspace environment with these five essential security settings and configurations.
Harden your Google Workspace environment with these five essential security settings and configurations.
Security researchers from Google and Citizen Lab have identified a sophisticated phishing campaign that targets prominent academics and critics of Russia.
Security researchers from Google and Citizen Lab have identified a sophisticated phishing campaign that targets prominent academics and critics of Russia.
Asana identified a data exposure bug within its Model Context Protocol (MCP) server on June 4, 2025.
Asana identified a data exposure bug within its Model Context Protocol (MCP) server on June 4, 2025.
How to expose shadow IT, eliminate SaaS sprawl, and take control of your supply chain.
How to expose shadow IT, eliminate SaaS sprawl, and take control of your supply chain.
Proofpoint researchers have identified an ongoing and active account takeover (ATO) campaign active since December 2024.
Proofpoint researchers have identified an ongoing and active account takeover (ATO) campaign active since December 2024.
Enrich your understanding of SaaS and AI usage with real-time data and promote safe security practices with browser nudges.
Enrich your understanding of SaaS and AI usage with real-time data and promote safe security practices with browser nudges.
Six essential Okta security configurations that every security practitioner should monitor.
Six essential Okta security configurations that every security practitioner should monitor.
Why effective vendor risk management is a critical strategy for identifying, assessing, and mitigating risks within the SaaS supply chain.
Why effective vendor risk management is a critical strategy for identifying, assessing, and mitigating risks within the SaaS supply chain.
Google Threat Intelligence Group has identified a financially motivated threat actor conducting voice phishing campaigns aimed at breaching Salesforce instances.
Google Threat Intelligence Group has identified a financially motivated threat actor conducting voice phishing campaigns aimed at breaching Salesforce instances.
As HIPAA modernizes its standards for a SaaS & AI-powered world, healthcare organizations require new approaches to safeguarding access to sensitive data.
As HIPAA modernizes its standards for a SaaS & AI-powered world, healthcare organizations require new approaches to safeguarding access to sensitive data.
Why comprehensive shadow IT discovery is an essential first step toward securing an organization's SaaS estate.
Why comprehensive shadow IT discovery is an essential first step toward securing an organization's SaaS estate.
Shadow IT risks present a formidable challenge to modern businesses. Learn to identify shadow IT risks and regain control of your security posture.
Shadow IT risks present a formidable challenge to modern businesses. Learn to identify shadow IT risks and regain control of your security posture.
How to streamline all aspects of your SaaS data governance process, ensuring that technology is onboarded, managed, and secured properly.
How to streamline all aspects of your SaaS data governance process, ensuring that technology is onboarded, managed, and secured properly.
How to streamline IAM, starting with a complete inventory of every and SaaS app that’s been introduced into your organization.
How to streamline IAM, starting with a complete inventory of every and SaaS app that’s been introduced into your organization.
