MITIGA LABS

Cutting-Edge Cloud Research.
Real-World Cloud Defense.

Welcome to Mitiga Labs, our research and innovation arm built to expose how modern attackers operate in Cloud and SaaS. We break down real campaigns and publish practical guidance to help security teams stop cloud attacks from having impact. Our research powers the Zero-Impact Breach Prevention approach at the core of the Mitiga platform.

What We Saw in 2025. What Comes Next.

The Cloud Attack Campaigns and Research that Defined a Year.

2025 was the year the threat got smarter. Attackers skipped zero-days and walked in through trusted identities, OAuth links, API chains, and lateral SaaS paths.

LET THEM COME

What We Saw in 2025. The Year the Threat Got Smarter

A Threat Intelligence Report from Mitiga Labs

Purposeful Insights on the Cloud Security Frontier

Mitiga Labs is where we tear into the latest Cloud, SaaS, AI, and Identity attacks. Our researchers decode how adversaries operate and turn that knowledge into defense strategies that stop cloud attacks from having impact. Every discovery fuels Mitiga’s Zero-Impact Breach Prevention.

Latest from the Labs

Explore the latest discoveries, deep dives, and technical how-tos from the Mitiga Labs team. Our research is dedicated to informing defenders and disrupting attackers.

Cloud Threat Hunting: From Events to Attack Chains

Mitiga Labs shows how cloud threat hunting connects identity, control-plane, and data-plane evidence into attack chains defenders can investigate and contain.


Claude Code MCP Token Theft: MitM Attack Explained

Mitiga Labs shows how Claude Code MCP configuration can be hijacked through ~/.claude.json to steal OAuth tokens, persist through rotation, and hide in trusted SaaS activity.


RESEARCHERS

Idan Cohen

ShinyHunters, Snowflake, and Rockstar: Another SaaS Leads to Compromise

ShinyHunters leveraged stolen SaaS tokens from Anodot to access Snowflake data, impacting firms like Rockstar Games in a growing supply chain breach scenario.


RESEARCHERS

Idan Cohen

Defining Blast Radius in Cloud Incidents

A practitioner's guide to scoping impact, isolating affected systems, and containing incidents across cloud-native infrastructure


Slack Compromise via Claude Code: Managing AI Agent Security Risks

Mitiga investigates a Slack compromise involving Claude Code skills. Learn to identify AI agent security risks through forensic log analysis and containment.


RESEARCHERS

Idan Cohen

Research Team

Austin Bollinger

Principal Incident Responder

Ariel Ainhoren

Head of Cloud Security Research

Ucha Gobejishvili

Senior Incident Responder

Roei Sherman

Senior Director | Mitiga Research

Idan Cohen

Cloud Researcher

Jed Morley

Senior Incident Responder

Yael Ben Yair

Cloud Security Researcher

Asad Saffoury

Cloud Security Researcher

Nir Varon

Security Analyst

Mitiga Helios AIDR

The next critical capability for Mitiga's AI-native CDR platform is here.
Explore our solution that empowers and automates SecOps, protects AI infrastructure, and defends against AI-scaled attacks.
