

Hidden privilege paths are one of the most dangerous blind spots in identity security. In this Phantom Labs research blog, we explore how statistical modeling and machine learning applied to the BeyondTrust True Privilege™ Graph can detect anomalous privilege paths and unexpected access relationships across complex environments.

Uncover hidden power and privilege in your organization. Learn how scattered permissions, connected apps, and APIs create Salesforce access risk.

The second part of a comprehensive guide to AWS Bedrock API key security, this research builds on the risks of AWS Bedrock API keys introduced in part one to cover detection, prevention, incident response, and migration to STS.

This blog explores how computer use agents can be used to build an agentic command-and-control framework. By combining LLM reasoning with desktop interaction tools, attackers could automate endpoint control while blending into normal system behavior. Here, we break down the architecture, abuse scenarios, and detection opportunities.

The integration of AI coding agents into developer workflows has introduced new, high-impact attack surfaces. BeyondTrust Phantom Labs recently identified a critical command injection vulnerability in OpenAI Codex that allowed for the theft of GitHub User Access Tokens. This blog provides a deep dive into the exploit, the risks of automated token exfiltration, and essential mitigations for AI vendors and the organizations that deploy them.