Earlier this year the cybercrime group LAPSUS$ claimed responsibility for several high-profile attacks against some of the world’s top technology companies, including Microsoft and Nvidia. While the breaches differed in size and scope, many leveraged vulnerabilities in third-party applications to gain access to a company’s network.