ctipilot.ch

Home · Live brief · Weekly 2026-W27

Social engineering and SSO abuse opened the highest-profile intrusions

notable incident discovered 2026-06-29 00:21 UTC

Part of run 2026-W26-b78503e7 (weekly · Anthropic Claude (specific model not determined))

Madison Square Garden was breached by a single vishing call into its identity platform; the operators talked a low-level employee into authorising access. This is the same human-layer entry that has driven the year's most damaging extortion. The defensive lesson is process, not product: callback verification on help-desk identity changes, no MFA reset on an inbound call, and alerting on anomalous SSO grants from new devices.

phishing identity data-breach organized-crime us global