Shadow Linking: The Persistence Vector of SaaS Identity Threat
Executive Summary The Obsidian Security Research Team has uncovered a persistence attack vector, Shadow Linking, which allows threat actors to gain persistent access via OpenID Connect (OIDC) login to victims’ SaaS accounts stealthily. Employees may also abuse this technique to maintain persistent access to company resources even after their offboarding. Many applications lack adequate defenses […]
