If your 2026 plan is “watch for the next zero-day”… congrats, you’re budgeting for the wrong kind of outage. 🥴
2025’s real operating pain was boring (and brutal): stolen tokens, shady OAuth consents, device-code/AiTM phishing, and edge appliances that turn into weekend bonfires.
Two headlines that should haunt your calendar invites:
- Salesforce tenants hit via compromised OAuth tokens tied to the Salesloft/Drift integration (token replay → bulk exports).
- M&S put the cyber hit at ~£300M operating profit impact—that’s not “we’ll patch next sprint” money.
So here’s the uncomfortable question: Do you know your “Connected Apps” inventory better than your asset inventory? And can you revoke/rotate high-risk tokens in <4 hours… or are you doing “incident response by meeting invite”? 😅
Read / subscribe:
https://blog.alphahunt.io/zero-days-are-a-distraction-2025s-biggest-losses-were-stolen-tokens-oauth
#AlphaHunt #IdentitySecurity #OAuth #ZeroTrust #SaaS