The secure enterprise browser extension for the AI era. Combining browser telemetry and autonomous agents to stop advanced advanced attacks and secure AI usage.
Joined November 2019
- Tweets 307
- Following 71
- Followers 715
- Likes 100
174 Photos and videos
Pinned Tweet
27 Jul 2023
💡 Introducing a SaaS attack matrix of networkless SaaS attack techniques
- These attacks bypass EDR and network detection
💬 #Pentesters #Redteams We’d love to some comments or contributions for things you've tried on GitHub!
Links in 🧵
#security #infosec #SaaSsecurity
2
5
18
3,074
Jun 11
Push Security just won Best Secure Enterprise Browser @TheHackersNews Cybersecurity Stars Awards! Deploy in minutes.
Any browser. Real-time protection. No migration.
awards.thehackernews.com/win…
1
7
7,128
May 27
Push Security has been named to @Redpoint’s 2026 InfraRed 100 🎉
Honored to be recognized among the companies shaping the future of cloud infrastructure and AI as we build the most powerful AI-native security tool in the browser. Read the full report: redpoint.com/infrared/report…
1
44
Push retweeted
Apr 22
📢 Sponsor: Join Push Security researchers incredible guests for a new webinar series on the State of Browser Attacks. The browser is the place where modern breaches happen, powered by new PhaaS kits and AI tools. Get ahead—register now:
hubs.li/Q049468f0
1
1
2
599
Push retweeted
Apr 1
I'm pumped to join @PushSecurity for a live chat on browser attacks -- actually, a new series they're starting, with folks way cooler than me: @troyhunt & @mattjay ! My show is with @jukelennings to dig into today's tradecraft, April 16th at 11am ET! Link: jh.live/push-security-webina…
1
9
70
11,181
Mar 9
With Push, you get an OS and browser agnostic way to manage and remove browser extensions. With our latest feature, you can now also automatically block known-bad extensions from running in your environment.
Read our guide to securing browser extensions hubs.li/Q045MP4-0
1
142
Mar 6
The next evolution of ClickFix is here: InstallFix.
Attackers distribute cloned Claude Code websites via malicious search ads. The pages contain fake instructions that trick victims into installing infostealer malware instead.
Read the breakdown
hubs.li/Q045TM6F0
1
170
Mar 5
Most breaches now start in the cloud — no malware needed.
Attackers exploit legit functionality, dump data, and demand ransom. The common thread? It all happens in the browser.
See how these attacks work in the wild 👉hubs.li/Q045KBZv0
121
9 Oct 2025
ClickFix, FileFix & related browser attacks are up 517% in 6 months. Push now detects ClickFix, FileFix, and other browser-based attacks that copy malicious code and run it on the victim’s machine.
Learn more: pushsecurity.com/blog/introd…
1
5
387
27 Aug 2025
Attacks have moved away from endpoints and internal networks to the browser — a blind spot for traditional security tools. Read more below 👇
pushsecurity.com/blog/how-th…
1
3
305
24 Apr 2025
🚀 We’re thrilled to announce our $30M Series B led by @Redpoint, supercharging our mission to stop identity attacks 🚀
Check out the press release here: pushsecurity.com/news/push-s…
2
4
15
1,509
19 Feb 2025
Have you signed up to see @jukelennings use OpenAI Operator to automate identity attacks? Watch the clip below to see how it responds when tasked with logging into apps using stolen credentials.
Want to see more? Register for the webinar here 👇 pushsecurity.com/webinar/aut…
2
3
954
10 Dec 2024
We're ready for @BlackHatEvents Europe this week!
Stop by booth 436 to chat with @ajaybateman, @jukelennings and the team about the rise in identity attacks – and how Push's browser-based ITDR solution gives defenders the advantage they need.
We’ve got brand new swag too!
3
413
Push retweeted
25 Nov 2024
1/ A new class of phishing - how verification phishing and cross-idp impersonation can bypass your SSO.
Here is a video demo, but this is one where you really need to read the full article too - pushsecurity.com/blog/a-new-…
I'll summarize the key points in this thread.
5
19
54
7,028
26 Sep 2024
Are you at GrrCON? Join us tonight for an epic evening of delicious food, refreshing drinks, and fantastic networking. Spots are going quickly! Register now: lu.ma/grrconhappyhour?utm_so…
1
1
386
3 Sep 2024
Ready to meet the REAL cookie monster?
Join us on September 12th where @jukelennings will be compromising MFA-protected services by stealing session cookies and hijacking live sessions.
Don’t miss out – register here: pushsecurity.com/webinar/inf…
1
3
370
30 Aug 2024
Don't miss out on our upcoming webinar where @jukelennings will be demoing infostealers, showing how to steal cookies and hijack sessions for MFA-protected services like M365 and downstream SaaS apps. Details below 👇
Pick a time and register here: pushsecurity.com/webinar/inf…
2
314
Push retweeted
9 Aug 2024
Some of my research on SaaS attacks, including ghost logins and other persistence vectors, made it on to @DarknetDiaries
Achievement unlocked.
1
3
7
644
Push retweeted
29 Jul 2024
I wrote a blog post on the many defense mechanisms phishing kits are using to avoid discovery and analysis now.
I used a recent instance of NakedPages and cover 9 different techniques, including Cloudflare Workers and Turnstile abuse.
IOCs included.
pushsecurity.com/blog/how-ai…
31
75
6,021
24 Jul 2024
Join us for happy hour with @sublime_sec on August 8! Grab a drink, have a bite, catch up with old friends (and make some new ones) at KUMI in Mandalay Bay!
RSVP: lu.ma/bh24-sublime-push?utm_…
171
Push retweeted
27 Jun 2024
If you missed my Snowflake webinar yesterday and you’re impacted by the recent breach, you can check out this link to the demo segment from the webinar, where I show how to disable ghost logins in Snowflake.
Remember, this is not just a Snowflake problem
pushsecurity.com/resources/v…
2
6
622