PRIME MEMBER EXCLUSIVE | 3 Months Free Trial
Auto-renews at INR 199/mo after 3 months. Cancel anytime. Offer ends 15 July, 2026.
The trust paradox: How attackers weaponize legitimate SaaS platforms
Failed to add items
Add to cart failed.
Add to wishlist failed.
Remove from wishlist failed.
Follow podcast failed
Unfollow podcast failed
-
Narrated by:
-
Written by:
In this episode of Talos Takes, Amy Ciminnisi sits down with researcher Diana Brown to discuss the rise of "platform-as-a-proxy" (PAP) attacks. We explore how threat actors are weaponizing legitimate SaaS platforms like GitHub and Jira to deliver phishing campaigns that bypass traditional security filters. By leveraging the platforms' own infrastructure to send authenticated emails, attackers are exploiting the inherent trust employees place in these essential business tools. We break down the mechanics of these campaigns and provide actionable strategies for security teams to move beyond binary trust and implement contextual awareness to better protect their organizations.
Blog: https://blog.talosintelligence.com/weaponizing-saas-notification-pipelines/