The blog 01

Field notes from the identity frontier.

Breach teardowns, threat research and product dispatches from the team stopping identity attacks in production — written for the people who get paged.

Latest dispatch
Security·Jul 7, 2026

The Illicit Consent Grant Part 1: Understanding Modern OAuth Consent Phishing

An illicit consent grant abuses OAuth 2.0's delegated authorization model: instead of stealing who you are, the attacker steals what you can do. There is no software bug to patch, and the attack sails past MFA because it intercepts authorization, not authentication. This post breaks down why consent phishing works and evades detection, walks through the three-move attack chain from lure to token, and dissects the CoPhish case study that weaponizes Microsoft Copilot Studio — then shows how SlashID defends before, during, and after the grant.

SlashID Team SlashID Team
Threat Intelligence
Read the analysis
// security · Jul 7, 2026
62 dispatches
Security Analysis of the 2026 Stryker Breach: Weaponizing Cloud Endpoint Management
Security · Jun 1, 2026

Analysis of the 2026 Stryker Breach: Weaponizing Cloud Endpoint Management

Stryker breach · Microsoft Intune · Living-off-the-Land
Read more
Security
Security · Apr 20, 2026

Vercel April 2026 Security Incident: How a Compromised OAuth App Led to a Major Breach

OAuth 2.0 · Vercel breach · Identity security
Read more
Security Deepfake Impersonation Attacks (Part 2): Defending with SlashID Mutual TOTP
Security · Mar 30, 2026

Deepfake Impersonation Attacks (Part 2): Defending with SlashID Mutual TOTP

Deepfakes · AI impersonation · Mutual TOTP
Read more
Security Deepfake Impersonation Attacks (Part 1): Anatomy of Modern Deepfakes
Security · Mar 16, 2026

Deepfake Impersonation Attacks (Part 1): Anatomy of Modern Deepfakes

Deepfakes · AI impersonation · Video fraud
Read more
Security NYDFS 2026 Vishing Advisory: Detection and Defense with SlashID
Security · Mar 6, 2026

NYDFS 2026 Vishing Advisory: Detection and Defense with SlashID

Vishing · NYDFS · Help desk impersonation
Read more
Security Scattered Spider Tradecraft: Identity Abuse, Attack Flow, and Defense
Security · Jan 16, 2026

Scattered Spider Tradecraft: Identity Abuse, Attack Flow, and Defense

Read more
Security
Security · Nov 9, 2025

Microsoft Actor Token Forgery

Actor Token Exchange Forgery · OAuth 2.0 · Supply‑chain attack
Read more
Security
Security · Sep 21, 2025

Access tokens strike again, the Salesloft Drift breach

Salesforce · Salesloft · Drift
Read more
Security
Security · Aug 31, 2025

Illicit Consent-Granting & App Backdooring – Obtaining persistence in Entra

Azure AD · Entra ID · OAuth 2.0
Read more
New Feature
New Feature · May 5, 2025

Achieving Least Privilege: Unused Entitlement Removal

Service account security · NHI · Identity security
Read more
Security
Security · Jan 8, 2025

Protecting against malicious OAuth 2.0 applications

Service account security · NHI · Identity security
Read more
Security
Security · Dec 16, 2024

Navigating PCI DSS 4.0: The Challenge of Non-Human Identities

Service account security · NHI · Identity security
Read more
Security
Security · Sep 30, 2024

Identity Security: The problem(s) with federation

Service account security · NHI · Identity security
Read more
Security
Security · Sep 16, 2024

Non-Human Identities Security: Breaking down the problem

Service account security · NHI · Identity security
Read more
New Feature
New Feature · Aug 26, 2024

Detecting Man-in-the-Middle Attacks with SlashID

mitm · man in the middle · aitm
Read more
Deep Dives
Deep Dives · Aug 22, 2024

A deep dive in the AWS credential leaks reported by Palo Alto Networks

credential theft · Leaked Environment Variables · unit 42
Read more
New Feature
New Feature · Jul 22, 2024

SlashID RBAC: Globally-available role-based access control

RBAC
Read more
Security
Security · Jul 15, 2024

Protecting against Snowflake breaches

Service account security · NHI · Identity security
Read more
New Feature
New Feature · Jun 24, 2024

Introducing the SlashID Local Deployment

local authentication · On-prem authentication · authentication deployment
Read more
Security
Security · Jun 17, 2024

ODPR: A Framework for Securing Non-Human Identities

Service account security · NHI · Identity security
Read more
New Feature Credential Tokenization: Protecting third-party API credentials
New Feature · Jun 10, 2024

Credential Tokenization: Protecting third-party API credentials

Read more
New Feature Secure API and M2M Access with OAuth2 Client Credentials and SlashID's sidecar
New Feature · Jun 3, 2024

Secure API and M2M Access with OAuth2 Client Credentials and SlashID's sidecar

ext_authz · s2s authentication · m2m authentication
Read more
New Feature
New Feature · May 14, 2024

Introducing Organization Attributes

organization attributes · secret storage · multi-tenancy
Read more
New Feature
New Feature · Apr 24, 2024

Introducing Anonymous Users: Balancing First-Party Data Collection and User Experience

First-party data · cookieless
Read more
Product Releases SlashID SDK for PHP and Laravel authentication
Product Releases · Apr 2, 2024

SlashID SDK for PHP and Laravel authentication

php · php authentication · laravel authentication
Read more
Deep Dives
Deep Dives · Mar 6, 2024

Adding custom claims to identity tokens

Read more
New Feature
New Feature · Feb 19, 2024

SlashID: Building a globally distributed Identity Platform

multi-region identity · localized identity · globally distributed
Read more
Deep Dives
Deep Dives · Jan 31, 2024

Passkeys Adoption Trends: Survey from Large Deployments

passkeys · passkeys benefits · passkeys rollouts
Read more
Security
Security · Jan 18, 2024

Single Sign-On implementation: Safely retrieving the email claim

OpenID Connect security · SSO security · Single Sign-on security
Read more
Security
Security · Jan 8, 2024

Single Sign-On implementation: Security Issues and Best Practices

OpenID Connect security · SSO security · Single Sign-on security
Read more
New Feature Introducing the SlashID Remix SDK: Authentication made easy
New Feature · Jan 2, 2024

Introducing the SlashID Remix SDK: Authentication made easy

auth · authentication · remix
Read more
Security Firebase Authentication and Google Identity Platform User Enumeration Vulnerability
Security · Nov 27, 2023

Firebase Authentication and Google Identity Platform User Enumeration Vulnerability

Read more
New Feature
New Feature · Oct 27, 2023

GDPR Compliance: Consent Management

Read more
New Feature
New Feature · Oct 23, 2023

OAuth 2.0 Fine-Grained API Authorization with Gate and OpenAPI

OpenAPI · API Authorization
Read more
Tutorial
Tutorial · Oct 16, 2023

Rate Limiting for Large-scale, Distributed Applications and APIs Using GCRA

distributed rate limiting · bot protection
Read more
Tutorial
Tutorial · Oct 10, 2023

Context-aware authentication: fight identity fraud and qualify your users

Read more
Deep Dives
Deep Dives · Sep 28, 2023

Backend Authentication and Authorization Patterns: Benefits and Pitfalls of Each

Read more
Deep Dives
Deep Dives · Sep 21, 2023

JWT Implementation Pitfalls, Security Threats, and Our Approach to Mitigate Them

JWT Security · JWT implementation · jwt security
Read more
Tutorial
Tutorial · Sep 18, 2023

No-code anti-phishing protection of internal apps with Passkeys

Read more
Tutorial
Tutorial · Sep 14, 2023

Firewalling OpenAI APIs: Data loss prevention and identity access control

Read more
New Feature
New Feature · Sep 12, 2023

Ditch your organizations table

Read more
Tutorial
Tutorial · Sep 5, 2023

Protecting Exposed APIs: Avoid Data Leaks with SlashID Gate and OPA

Read more
Open Source Docusaurus - Authentication and authorization with SlashID
Open Source · Aug 28, 2023

Docusaurus - Authentication and authorization with SlashID

Read more
New Feature Authenticate your Shopify customers with SlashID
New Feature · Jul 25, 2023

Authenticate your Shopify customers with SlashID

Shopify passwordless · Shopify authentication · Shopify Passkeys
Read more
New Feature
New Feature · Jul 20, 2023

Synchronous Webhooks

Read more
Tutorial
Tutorial · Jul 16, 2023

Building a React Login Page Template

react login page · react login · react authentication
Read more
New Feature
New Feature · Jun 10, 2023

SlashID Analytics Webhooks

Read more
Deep Dives Passkeys - Threat modeling and implementation considerations
Deep Dives · May 24, 2023

Passkeys - Threat modeling and implementation considerations

passkey · passkey implementation · webauthn implementation
Read more
New Feature Authentication flows with SlashID
New Feature · May 12, 2023

Authentication flows with SlashID

Read more
Tutorial Using Google Tink to sign JWTs with ECDSA
Tutorial · Feb 20, 2023

Using Google Tink to sign JWTs with ECDSA

Read more
New Feature
New Feature · Feb 9, 2023

React SDK support for <Groups>

Read more
New Feature Sign-in and Sign-up React component release
New Feature · Jan 18, 2023

Sign-in and Sign-up React component release

Read more
New Feature
New Feature · Jan 16, 2023

Fetching Google Groups with SlashID SSO

Read more
Experiments In-browser HSM-backed Encryption with Tink and Wasm
Experiments · Dec 18, 2022

In-browser HSM-backed Encryption with Tink and Wasm

Read more
New Feature Official React SDK release
New Feature · Nov 28, 2022

Official React SDK release

Read more
Open Source Adding Identity to Docusaurus
Open Source · Nov 12, 2022

Adding Identity to Docusaurus

Read more
New Feature Introducing Data Vault - Secure HSM-backed PII storage directly from the frontend
New Feature · Nov 7, 2022

Introducing Data Vault - Secure HSM-backed PII storage directly from the frontend

Read more
New Feature Social logins in 5 minutes or less
New Feature · Nov 1, 2022

Social logins in 5 minutes or less

Read more
Deep Dives App-layer cryptographic primitives for secure storage of user data
Deep Dives · Oct 20, 2022

App-layer cryptographic primitives for secure storage of user data

Read more
Deep Dives The good, the bad and the ugly of Apple Passkeys
Deep Dives · Sep 23, 2022

The good, the bad and the ugly of Apple Passkeys

passkey · passkey implementation · webauthn implementation
Read more
Compliance The Security and Regulatory Compliance Benefits of WebAuthn
Compliance · Sep 14, 2022

The Security and Regulatory Compliance Benefits of WebAuthn

Read more
Security Phishing Attacks – WebAuthn to the rescue
Security · Sep 12, 2022

Phishing Attacks – WebAuthn to the rescue

Read more
Subscribe 02

Get the dispatch in your inbox.

New breach teardowns and detection research, sent the day they ship. No digest, no marketing — just the analysis.

~2 emails a month · unsubscribe anytime
Threat ResearchBreach AnalysisProduct