👀Why attackers love SSO!
"Mandiant observed pivots into client SaaS applications. Traditionally used to centralize and increase security, in these instances they allowed access to applications hosted through MFA providers... vCenter, CyberArk, SalesForce, Azure, CrowdStrike"