MITIGA LABS

Cutting-Edge Cloud Research.
Real-World Cloud Defense.

Welcome to Mitiga Labs, our research and innovation arm built to expose how modern attackers operate in Cloud and SaaS. We break down real campaigns and publish practical guidance tohelp security teams stop cloud attacks from having impact. Our research powers the Zero-Impact Breach Prevention approach at the core of the Mitiga platform.

Explore Our Research

What We Saw in 2025. What Comes Next.

The Cloud Attack Campaigns and Research that Defined a Year.

2025 was the year the threat got smarter. Attackers skipped zero-days and walked in through trusted identities, OAuth links, API chains, and lateral SaaS paths.

Read Full Report

LET THEM COME

What We Saw
in 2025. The Year the Threat Got Smarter

A Threat Intelligence Report from Mitiga Labs

Purposeful Insights on the Cloud Security Frontier

Mitiga Labs is where we tear into the latest Cloud, SaaS, AI, and Identity attacks. Our researchers decode how adversaries operate and turn that knowledge into defense strategies that stop cloud attacks from having impact. Every discovery fuels Mitiga’s Zero-Impact Breach Prevention.

Meet the Team

Latest from the Labs

Explore the latest discoveries, deep dives, and technical how-tos from the Mitiga Labs team. Our research is dedicated to informing defenders and disrupting attackers.

Claude Code MCP Token Theft: MitM Attack Explained

Mitiga Labs shows how Claude Code MCP configuration can be hijacked through ~/.claude.json to steal OAuth tokens, persist through rotation, and hide in trusted SaaS activity.

Read More

RESEARCHERS

Idan Cohen

ShinyHunters, Snowflake, and Rockstar: Another SaaS Leads to Compromise

ShinyHunters leveraged stolen SaaS tokens from Anodot to access Snowflake data, impacting firms like Rockstar Games in a growing supply chain breach scenario.

Read More

RESEARCHERS

Idan Cohen

Defining Blast Radius in Cloud Incidents

A practitioner's guide to scoping impact, isolating affected systems, and containing incidents across cloud-native infrastructure

Read More

RESEARCHERS

Ucha Gobejishvili

Claude Code Slack Compromise: Malicious Skills Attack

See how a malicious Claude Code skill can abuse Slack trust, send phishing from a real user account, and expand AI agent supply chain risk across the organization.

Read More

RESEARCHERS

Idan Cohen

AI Adoption: The Ride So Far

Roei Sherman has been using AI tools and is now more productive at work. But the question that keeps himupisn’t “am I better?” – it’s “am I better enough?”

Read More

RESEARCHERS

Roei Sherman
View More

Research Team

Austin Bollinger

Principal Incident Responder

Ariel Ainhoren

Head of Cloud Security Research

Ucha Gobejishvili

Senior Incident Responder

Roei Sherman

Senior Director | Mitiga Research

Idan Cohen

Cloud Researcher

Jed Morley

Senior Incident Responder

Yael Ben Yair

Cloud Security Researcher

Asad Saffoury

Cloud Security Researcher

Nir Varon

Security analyst

Mitiga Helios AIDR

The next critical capability for Mitiga's Al-native CDR platform is here.
Explore our solution that empowers and automates SecOps, protects AI infrastructure, and defends against AI-sclaed attacks.

Learn More

Featured Videos

Cloud, Identity & SaaS Forensic, Investigation-Not What You Think!

RSA CONFERENCE
Learn More
From Snowflake to Snowstorm: Navigating Breaches and Detections

RSA CONFERENCE
Learn More
Getting Real & Hitting the Fan 2025: Think You See Me? No You Don't!

RSA CONFERENCE
Learn More

Get resilient

Get a demo
Get a Demo

Copyright © Mitiga Security Inc. All rights reserved | Terms of Use | Privacy Policy