Thousands of live API keys and passwords found exposed in training data

On February 27, 2025, security researchers revealed that LLMs were trained on datasets containing approximately 12,000 live API keys and passwords.

Microsoft’s Copilot found exposing thousands of private GitHub repositories

On February 27, 2025, security researchers from cybersecurity company Lasso discovered a serious data exposure issue involving Microsoft's Copilot.

How cloud sync and other SaaS dark patterns can put your organization at risk

While SaaS features and discounts offer many conveniences, some of the industry's darker patterns can put your organization at risk.

Why non-human identity management is critical to SaaS security

Protecting your organization’s data from NHI risks shouldn’t be a guessing game. Our app-to-app integrations table is here to help.

The rise of DeepSeek and the implications of shadow AI

The swift success of DeepSeek comes with pressing concerns about data security, regulatory compliance, and the hidden risks of shadow AI.

The essential guide to identity governance for SaaS

How to implement a structured framework to manage user access rights effectively across diverse applications and environments.

2024 Wrapped: The Year in Security

Please enjoy our reflections on the big moments, releases, breaches, and outages that defined the year in cybersecurity.

We’re going deep on SaaS security and governance with new connected apps

Gain deeper insight into your SaaS environments and strengthen your SaaS security posture with our growing library of connected apps.

The Rush to AI Opens Doors to Cyberattacks

Nudge Security CEO Russell Spitler explores the possibility of an AI-fueled cyberattack in this OpEd published in The Information.

Harden your identity infrastructure with our new Okta connected app

With a new, deeper integration for Okta, Nudge Security customers can further harden and protect their critical identity stack.

A guide to IT offboarding in a SaaS-first world

Thus far, IT automation has failed to address the hardest parts of employee offboarding. Here’s what IT and operations professionals need to know.

Social engineering campaign using fake reviews on the Chrome Web Store

LastPass has reported a social engineering campaign using fake reviews on the Chrome Web Store.

AD/LDAP delegated authentication bypass - username above 52 characters

On October 30, 2024, a security flaw was detected in Okta’s AD/LDAP Delegated Authentication (DelAuth) service.

Nudge Security is TWO years old this month 🎂

To celebrate our second birthday, we're reflecting on our journey—and all the new features we've added to help customers scale SaaS security and governance.

DocuSign SaaS services used to deliver phishing campaigns

Attackers have been utilizing DocuSign’s SaaS platform to deliver phishing campaigns that are able to bypass email security checks.

What savvy security leaders are prioritizing for 2025

Why SaaS security should be a core element of your IT security and governance program.

A guide to supply chain management software & SaaS

How to map your SaaS supply chain automatically, so you can quickly determine if a third- or fourth-party breach puts you at risk.

Malicious Google Ads campaign targeting SaaS software downloads

Threat actors are leveraging fake Google Ads linked to deceptive websites that mimic legitimate download pages.

Okta Classic sign-on policy bypass vulnerability

Read a summary of the vulnerability, how it could be exploited, and what to look for to understand if your organization could have been impacted.

7 Gartner reads on SaaS security & governance

Learn how top analysts are viewing the emerging SaaS security and governance space.

How to measure AI security risks against productivity rewards

While AI tools like ChatGPT can be a boon for productivity, they also raise security and privacy concerns. What can IT and security teams do to minimize the risks?

Cutting SaaS sprawl? Assess SaaS spend, security, and usage insights all in one place.

Make smart, data-driven SaaS investment decisions that drive the business forward while reducing risk and waste.