2:I[6932,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],"default"]
3:I[3500,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],""]
5:I[9812,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],""]
6:I[1160,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],"default"]
7:I[5750,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],"Image"]
8:I[6731,[],""]
a:I[2923,[],""]
c:I[5960,["500","static/chunks/500-1193d1955921814f.js","185","static/chunks/app/layout-aefed4accc7284b3.js"],"ThemeProvider"]
4:T931,[{"@context":"https://schema.org","@type":"Article","headline":"Supply-chain ransomware campaign leveraging a compromised SaaS administrator — multi-tenant threat stopped early","description":"A ransomware group weaponized trusted admin pathways inside a business intelligence SaaS. Unit6 saw the compromise, coordinated fast revocation, and blocked cross-customer propagation.","url":"https://unit6tech.com/customer-stories/supply-chain-ransomware-saas-admin","mainEntityOfPage":"https://unit6tech.com/customer-stories/supply-chain-ransomware-saas-admin","image":"https://unit6tech.com/images/unit6-cover.webp","author":{"@type":"Organization","name":"Unit6"},"publisher":{"@type":"Organization","name":"Unit6"},"articleSection":"SaaS / business intelligence platform | Global","articleBody":"A widely used business intelligence SaaS platform kept privileged administrative access into customer environments for integrations and managed services. Unit6 identified that a Sophisticated Threat Actor had compromised a privileged admin account via a likely watering-hole infection. Theft of a privileged SaaS administrator account with indications of watering-hole origin. Lateral movement within the SaaS provider’s own infrastructure. Abuse of trusted administrative pathways to pivot into multiple customer systems. Pre-ransomware behaviors aligned to Sophisticated Threat Actor tradecraft: credential harvesting, environment enumeration, quiet privilege escalation, and staging for cross-tenant deployment. Multi-tenant propagation from a single compromised foothold. Simultaneous ransomware deployment across many customers under cover of legitimate admin activity. Detection evasion because activity resembled trusted management operations. High likelihood of delayed or bypassed traditional monitoring across downstream environments."},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://unit6tech.com/"},{"@type":"ListItem","position":2,"name":"Customer stories","item":"https://unit6tech.com/customer-stories"},{"@type":"ListItem","position":3,"name":"Supply-chain ransomware campaign leveraging a compromised SaaS administrator — multi-tenant threat stopped early","item":"https://unit6tech.com/customer-stories/supply-chain-ransomware-saas-admin"}]}]9:["slug","supply-chain-ransomware-saas-admin","d"]
b:T40e,[{"@context":"https://schema.org","@type":"Organization","@id":"https://unit6tech.com/#organization","name":"Unit6","url":"https://unit6tech.com","logo":{"@type":"ImageObject","url":"https://unit6tech.com/favicon.ico"},"description":"Unit6 turns adversary plans into foresight you can act on — decoding infrastructure, staging boxes, and recon chatter so you can stop attacks before they start.","sameAs":["https://www.linkedin.com/company/unit6tech"]},{"@context":"https://schema.org","@type":"WebSite","@id":"https://unit6tech.com/#website","url":"https://unit6tech.com","name":"Unit6: The Preventive Intelligence Company","description":"Unit6 turns adversary plans into foresight you can act on — decoding infrastructure, staging boxes, and recon chatter so you can stop attacks before they start.","publisher":{"@id":"https://unit6tech.com/#organization"},"inLanguage":"en","potentialAction":{"@type":"SearchAction","target":"https://unit6tech.com/search?q={search_term_string}","query-input":"required name=search_term_string"}}]0:["bunrciYijO3DOgSF60x8R",[[["",{"children":["customer-stories",{"children":[["slug","supply-chain-ransomware-saas-admin","d"],{"children":["__PAGE__?{\"slug\":\"supply-chain-ransomware-saas-admin\"}",{}]}]}]},"$undefined","$undefined",true],["",{"children":["customer-stories",{"children":[["slug","supply-chain-ransomware-saas-admin","d"],{"children":["__PAGE__",{},[["$L1",["$","div",null,{"className":"relative min-h-screen overflow-hidden bg-gradient-to-b from-slate-50 via-white to-sky-50 text-slate-900 dark:from-[#03030c] dark:via-[#05031a] dark:to-[#010108] dark:text-white","children":[["$","div",null,{"className":"pointer-events-none absolute inset-0","children":[["$","div",null,{"className":"absolute -top-20 left-1/2 h-[560px] w-[560px] -translate-x-1/2 rounded-full bg-sky-500/20 blur-[220px]"}],["$","div",null,{"className":"absolute inset-y-0 right-0 h-full w-1/2 bg-gradient-to-l from-indigo-500/10 via-transparent to-transparent blur-[220px]"}],["$","div",null,{"className":"absolute bottom-0 left-0 h-[420px] w-[420px] rounded-full bg-emerald-400/10 blur-[180px]"}]]}],["$","$L2",null,{}],["$","main",null,{"className":"relative z-10 mx-auto flex w-full max-w-5xl flex-col gap-16 px-6 pb-24 pt-32 lg:px-0","children":[["$","$L3",null,{"id":"customer-story-jsonld-supply-chain-ransomware-saas-admin","type":"application/ld+json","strategy":"beforeInteractive","children":"$4"}],["$","section",null,{"className":"space-y-4","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Customer story"}],["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"SaaS / business intelligence platform"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Anonymized"}]]}],["$","h1",null,{"className":"text-4xl font-semibold leading-tight text-slate-900 dark:text-white md:text-5xl","children":"Supply-chain ransomware campaign leveraging a compromised SaaS administrator — multi-tenant threat stopped early"}],["$","p",null,{"className":"text-lg font-semibold text-slate-700 dark:text-slate-200","children":"A ransomware group weaponized trusted admin pathways inside a business intelligence SaaS. Unit6 saw the compromise, coordinated fast revocation, and blocked cross-customer propagation."}],["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-300","children":[["$","span","T1078",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1078"]}],["$","span","T1098",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1098"]}],["$","span","T1046",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1046"]}],["$","span","T1482",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1482"]}]]}],["$","div",null,{"className":"flex flex-wrap gap-4","children":[["$","$L5",null,{"href":"/book-a-demo","className":"w-full sm:w-auto rounded-full border border-transparent bg-gradient-to-r from-primary via-sky-500 to-pink-500 px-6 py-3 text-sm font-semibold text-white shadow-[0_15px_45px_rgba(14,165,233,0.35)] transition hover:scale-[1.02] hover:shadow-[0_25px_70px_rgba(236,72,153,0.35)]","children":"Book a demo"}],["$","$L5",null,{"href":"/platform","className":"w-full sm:w-auto rounded-full border border-slate-200 bg-white px-6 py-3 text-sm font-semibold text-slate-900 shadow-sm transition hover:border-slate-300 hover:bg-white/90 dark:border-white/20 dark:bg-white/5 dark:text-white dark:hover:border-white/40 dark:hover:bg-white/10","children":"Explore the platform"}]]}]]}],["$","section",null,{"className":"grid gap-6 lg:grid-cols-2","children":[["$","article",null,{"className":"rounded-3xl border border-slate-200 bg-white p-6 shadow-sm dark:border-white/10 dark:bg-white/5","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"The situation"}],["$","p",null,{"className":"mt-3 text-base text-slate-600 dark:text-slate-300","children":"A widely used business intelligence SaaS platform kept privileged administrative access into customer environments for integrations and managed services. Unit6 identified that a Sophisticated Threat Actor had compromised a privileged admin account via a likely watering-hole infection."}],["$","div",null,{"className":"mt-4 space-y-3","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"What Unit6 detected"}],["$","ul",null,{"className":"space-y-2 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Theft of a privileged SaaS administrator account with indications of watering-hole origin.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-sky-400"}],["$","span",null,{"children":"Theft of a privileged SaaS administrator account with indications of watering-hole origin."}]]}],["$","li","Lateral movement within the SaaS provider’s own infrastructure.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-sky-400"}],["$","span",null,{"children":"Lateral movement within the SaaS provider’s own infrastructure."}]]}],["$","li","Abuse of trusted administrative pathways to pivot into multiple customer systems.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-sky-400"}],["$","span",null,{"children":"Abuse of trusted administrative pathways to pivot into multiple customer systems."}]]}],["$","li","Pre-ransomware behaviors aligned to Sophisticated Threat Actor tradecraft: credential harvesting, environment enumeration, quiet privilege escalation, and staging for cross-tenant deployment.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-sky-400"}],["$","span",null,{"children":"Pre-ransomware behaviors aligned to Sophisticated Threat Actor tradecraft: credential harvesting, environment enumeration, quiet privilege escalation, and staging for cross-tenant deployment."}]]}]]}]]}]]}],["$","article",null,{"className":"rounded-3xl border border-slate-200 bg-white p-6 shadow-sm dark:border-white/10 dark:bg-black/40","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Why it mattered"}],["$","ul",null,{"className":"mt-3 space-y-2 text-base text-slate-600 dark:text-slate-200","children":[["$","li","Multi-tenant propagation from a single compromised foothold.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Multi-tenant propagation from a single compromised foothold."}]]}],["$","li","Simultaneous ransomware deployment across many customers under cover of legitimate admin activity.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Simultaneous ransomware deployment across many customers under cover of legitimate admin activity."}]]}],["$","li","Detection evasion because activity resembled trusted management operations.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Detection evasion because activity resembled trusted management operations."}]]}],["$","li","High likelihood of delayed or bypassed traditional monitoring across downstream environments.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"High likelihood of delayed or bypassed traditional monitoring across downstream environments."}]]}]]}]]}]]}],["$","section",null,{"className":"grid gap-6 lg:grid-cols-[1.15fr_0.85fr]","children":[["$","article",null,{"className":"space-y-4 rounded-[28px] border border-slate-200 bg-white p-7 shadow-sm dark:border-white/10 dark:bg-white/5","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"What Unit6 did"}],["$","div",null,{"className":"space-y-4","children":[["$","div","Revoked privileged access immediately",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Revoked privileged access immediately"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Disabled compromised and at-risk admin accounts.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Disabled compromised and at-risk admin accounts."}]]}],["$","li","Reset and re-enrolled MFA for all privileged users.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Reset and re-enrolled MFA for all privileged users."}]]}]]}]]}],["$","div","Audited platform-wide administrative actions",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Audited platform-wide administrative actions"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Identified suspicious configuration changes and unknown outbound connections.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Identified suspicious configuration changes and unknown outbound connections."}]]}],["$","li","Flagged potential persistence mechanisms or altered permissions across tenants.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Flagged potential persistence mechanisms or altered permissions across tenants."}]]}]]}]]}],["$","div","Coordinated cross-tenant defenses",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Coordinated cross-tenant defenses"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Warned all customers maintaining trust relationships with the platform.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Warned all customers maintaining trust relationships with the platform."}]]}],["$","li","Recommended short-term segmentation to break lateral paths and monitored management-plane activity.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Recommended short-term segmentation to break lateral paths and monitored management-plane activity."}]]}]]}]]}],["$","div","Activated ransomware-response readiness",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Activated ransomware-response readiness"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Pushed containment rules into EDR and validated segregated backups.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Pushed containment rules into EDR and validated segregated backups."}]]}],["$","li","Deployed behavioral detections for early-stage ransomware tactics across affected tenants.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Deployed behavioral detections for early-stage ransomware tactics across affected tenants."}]]}]]}]]}]]}]]}],["$","div",null,{"className":"grid gap-4 md:grid-cols-2 lg:grid-cols-1","children":[["$","article",null,{"className":"rounded-2xl border border-slate-200 bg-white p-5 shadow-sm dark:border-white/10 dark:bg-black/40","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Outcome"}],["$","ul",null,{"className":"mt-3 space-y-2 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","A Sophisticated Threat Actor’s lateral movement into customer environments was interrupted mid-campaign.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"A Sophisticated Threat Actor’s lateral movement into customer environments was interrupted mid-campaign."}]]}],["$","li","The SaaS provider regained control over its administrative infrastructure.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"The SaaS provider regained control over its administrative infrastructure."}]]}],["$","li","Customers avoided a multi-tenant ransomware event that could have caused widespread outages.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Customers avoided a multi-tenant ransomware event that could have caused widespread outages."}]]}],["$","li","A supply-chain breach poised for headlines was contained before payload deployment.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"A supply-chain breach poised for headlines was contained before payload deployment."}]]}]]}]]}],["$","article",null,{"className":"rounded-2xl border border-slate-200 bg-gradient-to-br from-slate-900 via-slate-800 to-slate-900 p-5 text-white shadow-[0_18px_70px_rgba(2,6,23,0.35)] dark:border-white/10 dark:from-[#070b20] dark:via-[#050317] dark:to-[#070b20]","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-white/60","children":"Unit6 edge"}],["$","ul",null,{"className":"mt-3 space-y-2 text-sm text-white/80","children":[["$","li","Ability to spot watering-hole-derived admin compromise long before ransomware impact.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-cyan-300"}],["$","span",null,{"children":"Ability to spot watering-hole-derived admin compromise long before ransomware impact."}]]}],["$","li","Multi-organization coordination driven by Unit6 threat intelligence across provider and customers.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-cyan-300"}],["$","span",null,{"children":"Multi-organization coordination driven by Unit6 threat intelligence across provider and customers."}]]}],["$","li","Threat-actor profiling that enabled early recognition of Sophisticated Threat Actor tactics and likely downstream actions.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-cyan-300"}],["$","span",null,{"children":"Threat-actor profiling that enabled early recognition of Sophisticated Threat Actor tactics and likely downstream actions."}]]}]]}]]}]]}]]}],["$","section",null,{"className":"rounded-[32px] border border-slate-200 bg-white p-8 shadow-sm shadow-slate-200 dark:border-white/10 dark:bg-white/5","children":[["$","div",null,{"className":"flex flex-col gap-4 md:flex-row md:items-center md:justify-between","children":[["$","div",null,{"children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Browse other stories"}],["$","h2",null,{"className":"mt-2 text-2xl font-semibold text-slate-900 dark:text-white","children":"See more anonymized wins"}]]}],["$","$L5",null,{"href":"/customer-stories","className":"inline-flex items-center justify-center rounded-full border border-slate-200 px-6 py-3 text-sm font-semibold text-slate-900 shadow-sm transition hover:border-slate-300 hover:bg-white dark:border-white/20 dark:text-white dark:hover:border-white/30 dark:hover:bg-white/10","children":"Back to all stories"}]]}],["$","div",null,{"className":"mt-6 grid gap-4 md:grid-cols-2","children":[["$","$L5","industrial-ot-saas",{"href":"/customer-stories/industrial-ot-saas","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Specialty chemicals / industrial manufacturing"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"North America & Europe"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Stopping a nation-state from reaching industrial OT via a SaaS monitoring platform"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"An East Asia-aligned actor used stolen credentials to access an OT monitoring SaaS. Unit6 cut the access path and rebuilt controls before the adversary could reach production lines."}]]}],["$","$L5","healthcare-mfa-bypass",{"href":"/customer-stories/healthcare-mfa-bypass","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Healthcare / hospital system"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"North America"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Preventing ransomware by catching an MFA bypass against a healthcare claims portal"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A ransomware-linked actor marketed access to a children’s hospital claims portal, including the MFA secret. Unit6 shut down the identity and drove phishing-resistant controls before patient data was touched."}]]}],["$","$L5","bpo-campaign",{"href":"/customer-stories/bpo-campaign","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Outsourcing / workforce management / BPO"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"EMEA"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Exposing a multi-actor campaign against HR, payroll, and internal portals"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"Multiple actor clusters targeted an outsourcing firm’s kiosk, HR, and payroll surfaces simultaneously. Unit6 treated it as one campaign, closing credential abuse and hardening exposed services quickly."}]]}],["$","$L5","helpdesk-bruteforce",{"href":"/customer-stories/helpdesk-bruteforce","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"IT services / systems integrator"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Middle East"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Catching a helpdesk brute-force compromise before it became a company-wide breach"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A regional IT services provider exposed its ServiceDesk login without rate limits. Unit6 spotted the shift from brute-force to successful use, shut it down, and rebuilt access controls."}]]}],["$","$L5","satcom-bruteforce",{"href":"/customer-stories/satcom-bruteforce","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Satellite communications"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Catching a nation-state’s brute-force campaign against a global satellite operator"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A Chinese-directed cluster brute-forced internal support portals for a satellite operator and took over accounts. Unit6 surfaced the compromise and rebuilt authentication before operations were touched."}]]}],["$","$L5","fintech-ai-bruteforce",{"href":"/customer-stories/fintech-ai-bruteforce","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Fintech / payments processing"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Detecting AI-powered brute forcing against a fintech customer portal"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"AI-augmented actors brute-forced and sprayed a payments portal, taking over customer accounts. Unit6 cut off access, drove mandatory MFA, and hardened defenses against adaptive attacks."}]]}],["$","$L5","aviation-iab-warning",{"href":"/customer-stories/aviation-iab-warning","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Aerospace & aviation communications"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Early warning on initial access broker claims against aviation messaging systems"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"Unit6 spotted a broker selling access to an aviation messaging platform before abuse began. Accounts and endpoints were hardened and a rapid-response plan put in place."}]]}],["$","$L5","precision-manufacturing-recon",{"href":"/customer-stories/precision-manufacturing-recon","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"High-precision manufacturing / medtech & optics"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Europe & Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Disrupting state-sponsored recon and credential exposure against a high-precision manufacturer"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"State-linked actors targeted engineers and admin portals at a medtech/optics manufacturer. Unit6 neutralized exposed credentials and hardened privileged access before exploitation."}]]}],["$","$L5","dual-nation-state-sft-intrusion",{"href":"/customer-stories/dual-nation-state-sft-intrusion","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Enterprise software / communications"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Dual nation-state intrusion into a critical file transfer system — detected before impact"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"Two unrelated nation-state actors exploited the same secure file transfer stack simultaneously. Unit6 surfaced both compromises and stopped large-scale exfiltration before internal teams saw anomalies."}]]}],["$","$L5","supply-chain-intrusion-pharmaceuticals",{"href":"/customer-stories/supply-chain-intrusion-pharmaceuticals","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Pharmaceuticals / healthcare"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Supply-chain intrusion into a global pharmaceutical enterprise — pre-ransomware phase blocked"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A Sophisticated Threat Actor attempted to pivot from a compromised SaaS provider into a pharmaceutical company via trusted admin links. Unit6 severed trust and stopped the intrusion in the staging phase."}]]}]]}]]}]]}],["$","footer",null,{"className":"relative isolate overflow-hidden bg-gradient-to-br from-slate-50 via-white to-sky-50 text-slate-900 dark:from-slate-950 dark:via-[#080a1a] dark:to-[#02030a] dark:text-slate-100","children":[["$","div",null,{"className":"pointer-events-none absolute inset-0","children":[["$","div",null,{"className":"absolute inset-0 bg-[radial-gradient(circle_at_top,_rgba(56,189,248,0.18),_transparent_55%)] opacity-60 dark:opacity-80"}],["$","div",null,{"className":"absolute inset-0 bg-[linear-gradient(120deg,_rgba(15,23,42,0.08)_1px,_transparent_1px)] bg-[length:220px_220px] opacity-30 dark:opacity-40"}]]}],["$","div",null,{"className":"container relative z-10 mx-auto px-6 py-16 lg:py-20","children":[["$","$L6",null,{"className":"mx-auto w-full max-w-5xl","layout":"stacked","source":"site-footer","title":"Stay ahead with the Unit6 newsletters","description":"Pick from company releases, the Weekly Cyber Threat Briefing, or Preventive Intelligence Weekly and only hear about what matters to you."}],["$","div",null,{"className":"mt-12 grid gap-10 lg:grid-cols-[minmax(0,2fr)_repeat(3,minmax(0,1fr))]","children":[["$","div",null,{"className":"space-y-6","children":[["$","$L7",null,{"src":"/images/icons/unit6-icon.svg","alt":"Unit6 logo","width":140,"height":48,"priority":true}],["$","p",null,{"className":"text-sm text-slate-600 dark:text-slate-300","children":"The Preventive Intelligence Company"}]]}],[["$","div","Product",{"children":[["$","p",null,{"className":"text-sm font-semibold uppercase tracking-[0.3em] text-slate-500 dark:text-slate-300","children":"Product"}],["$","ul",null,{"className":"mt-4 space-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","li","Platform overview",{"children":["$","$L5",null,{"href":"/platform","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Platform overview"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Platform overview"}]]}]]}]}],["$","li","Use cases",{"children":["$","$L5",null,{"href":"/use-cases","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Use cases"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Use cases"}]]}]]}]}],["$","li","Integrations",{"children":["$","$L5",null,{"href":"/integrations","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Integrations"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Integrations"}]]}]]}]}],["$","li","Comparison",{"children":["$","$L5",null,{"href":"/comparison","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Comparison"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Comparison"}]]}]]}]}]]}]]}],["$","div","Resources",{"children":[["$","p",null,{"className":"text-sm font-semibold uppercase tracking-[0.3em] text-slate-500 dark:text-slate-300","children":"Resources"}],["$","ul",null,{"className":"mt-4 space-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","li","Gaming lab",{"children":["$","$L5",null,{"href":"/resources/gaming","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Gaming lab"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Gaming lab"}]]}]]}]}],["$","li","Customers",{"children":["$","$L5",null,{"href":"/customer-stories","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Customers"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Customers"}]]}]]}]}],["$","li","Blog",{"children":["$","$L5",null,{"href":"/blog","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Blog"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Blog"}]]}]]}]}],["$","li","Security",{"children":["$","$L5",null,{"href":"/security","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Security"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Security"}]]}]]}]}],["$","li","Privacy",{"children":["$","$L5",null,{"href":"/privacy","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Privacy"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Privacy"}]]}]]}]}]]}]]}],["$","div","Get started",{"children":[["$","p",null,{"className":"text-sm font-semibold uppercase tracking-[0.3em] text-slate-500 dark:text-slate-300","children":"Get started"}],["$","ul",null,{"className":"mt-4 space-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","li","Book a demo",{"children":["$","$L5",null,{"href":"/book-a-demo","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Book a demo"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Book a demo"}]]}]]}]}],["$","li","Custom quote",{"children":["$","$L5",null,{"href":"/get-a-custom-quote","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Custom quote"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Custom quote"}]]}]]}]}],["$","li","Talk to sales",{"children":["$","$L5",null,{"href":"mailto:sales@unit6tech.com","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Talk to sales"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Talk to sales"}]]}]]}]}]]}]]}]]]}],["$","div",null,{"className":"mt-12 flex flex-col gap-6 border-t border-slate-200 pt-8 dark:border-white/10 md:flex-row md:items-center md:justify-between","children":[["$","div",null,{"className":"flex flex-wrap items-center gap-x-6 gap-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","span",null,{"children":["© ",2025," Unit6 Inc. All rights reserved."]}],["$","$L5",null,{"href":"/terms","className":"transition-colors duration-300 hover:text-slate-900 dark:hover:text-white","children":"Terms"}],["$","$L5",null,{"href":"/privacy","className":"transition-colors duration-300 hover:text-slate-900 dark:hover:text-white","children":"Privacy"}]]}],["$","div",null,{"className":"flex gap-3","children":[["$","$L5","LinkedIn",{"href":"https://www.linkedin.com/company/unit6tech","target":"_blank","rel":"noopener noreferrer","aria-label":"LinkedIn","className":"group relative flex h-11 w-11 items-center justify-center overflow-hidden rounded-full border border-slate-200/70 bg-white text-slate-900 transition-all duration-300 hover:-translate-y-1 hover:border-slate-400 focus:outline-none focus-visible:ring-2 focus-visible:ring-sky-200/80 dark:border-white/15 dark:bg-white/10 dark:text-white dark:hover:border-white/60","children":[["$","span",null,{"className":"absolute inset-0 rounded-full bg-gradient-to-br from-sky-400/40 via-emerald-300/30 to-pink-300/30 opacity-0 transition duration-300 group-hover:opacity-100"}],["$","svg",null,{"stroke":"currentColor","fill":"currentColor","strokeWidth":"0","viewBox":"0 0 448 512","className":"relative text-lg transition duration-300 group-hover:scale-110","children":["$undefined",[["$","path","0",{"d":"M416 32H31.9C14.3 32 0 46.5 0 64.3v383.4C0 465.5 14.3 480 31.9 480H416c17.6 0 32-14.5 32-32.3V64.3c0-17.8-14.4-32.3-32-32.3zM135.4 416H69V202.2h66.5V416zm-33.2-243c-21.3 0-38.5-17.3-38.5-38.5S80.9 96 102.2 96c21.2 0 38.5 17.3 38.5 38.5 0 21.3-17.2 38.5-38.5 38.5zm282.1 243h-66.4V312c0-24.8-.5-56.7-34.5-56.7-34.6 0-39.9 27-39.9 54.9V416h-66.4V202.2h63.7v29.2h.9c8.9-16.8 30.6-34.5 62.9-34.5 67.2 0 79.7 44.3 79.7 101.9V416z","children":[]}]]],"style":{"color":"$undefined"},"height":"1em","width":"1em","xmlns":"http://www.w3.org/2000/svg"}]]}],["$","$L5","X (Twitter)",{"href":"https://twitter.com/unit6tech","target":"_blank","rel":"noopener noreferrer","aria-label":"X (Twitter)","className":"group relative flex h-11 w-11 items-center justify-center overflow-hidden rounded-full border border-slate-200/70 bg-white text-slate-900 transition-all duration-300 hover:-translate-y-1 hover:border-slate-400 focus:outline-none focus-visible:ring-2 focus-visible:ring-sky-200/80 dark:border-white/15 dark:bg-white/10 dark:text-white dark:hover:border-white/60","children":[["$","span",null,{"className":"absolute inset-0 rounded-full bg-gradient-to-br from-sky-400/40 via-emerald-300/30 to-pink-300/30 opacity-0 transition duration-300 group-hover:opacity-100"}],["$","svg",null,{"stroke":"currentColor","fill":"currentColor","strokeWidth":"0","viewBox":"0 0 512 512","className":"relative text-lg transition duration-300 group-hover:scale-110","children":["$undefined",[["$","path","0",{"d":"M389.2 48h70.6L305.6 224.2 487 464H345L233.7 318.6 106.5 464H35.8L200.7 275.5 26.8 48H172.4L272.9 180.9 389.2 48zM364.4 421.8h39.1L151.1 88h-42L364.4 421.8z","children":[]}]]],"style":{"color":"$undefined"},"height":"1em","width":"1em","xmlns":"http://www.w3.org/2000/svg"}]]}]]}]]}]]}]]}]]}]],null],null]},["$","$L8",null,{"parallelRouterKey":"children","segmentPath":["children","customer-stories","children","$9","children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$La",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","notFoundStyles":"$undefined","styles":null}],null]},["$","$L8",null,{"parallelRouterKey":"children","segmentPath":["children","customer-stories","children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$La",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","notFoundStyles":"$undefined","styles":null}],null]},[["$","html",null,{"className":"antialiased __variable_41251a","lang":"en","suppressHydrationWarning":true,"children":[["$","head",null,{"children":[["$","$L3",null,{"id":"gtm-base","strategy":"lazyOnload","children":"\n            (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':\n            new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],\n            j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=\n            'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);\n            })(window,document,'script','dataLayer','GTM-KMD6X5T8');\n          "}],["$","$L3",null,{"id":"structured-data","type":"application/ld+json","strategy":"beforeInteractive","children":"$b"}],null]}],["$","body",null,{"className":"__className_f367f3","children":[["$","noscript",null,{"children":["$","iframe",null,{"src":"https://www.googletagmanager.com/ns.html?id=GTM-KMD6X5T8","height":"0","width":"0","style":{"display":"none","visibility":"hidden"}}]}],["$","$L3",null,{"id":"theme-init","strategy":"beforeInteractive","children":"\n            try {\n              const storedTheme = localStorage.getItem('theme');\n              const prefersDark = window.matchMedia('(prefers-color-scheme: dark)').matches;\n              const theme = storedTheme === 'light' || storedTheme === 'dark' ? storedTheme : (prefersDark ? 'dark' : 'light');\n              const root = document.documentElement;\n              root.classList.remove('light', 'dark');\n              root.classList.add(theme);\n              root.dataset.theme = storedTheme ?? 'system';\n            } catch (_error) {}\n          "}],["$","$Lc",null,{"children":["$","$L8",null,{"parallelRouterKey":"children","segmentPath":["children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$La",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":["$","main",null,{"className":"flex min-h-screen flex-col items-center justify-center bg-gradient-to-b from-slate-50 via-white to-sky-50 px-6 text-center text-slate-900 dark:from-slate-950 dark:via-slate-900 dark:to-slate-950 dark:text-white","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.35em] text-slate-500 dark:text-slate-400","children":"Page not found"}],["$","h1",null,{"className":"mt-4 text-4xl font-semibold sm:text-5xl","children":"Looks like that trail went cold."}],["$","p",null,{"className":"mt-4 max-w-xl text-base text-slate-600 dark:text-slate-300","children":"The page you are looking for has moved or no longer exists. Head back to the main site or explore our latest resources."}],["$","div",null,{"className":"mt-8 flex flex-col gap-3 sm:flex-row","children":[["$","$L5",null,{"href":"/","className":"rounded-full bg-slate-900 px-5 py-3 text-sm font-semibold text-white shadow-sm transition hover:bg-slate-800 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-slate-500 dark:bg-white dark:text-slate-900 dark:hover:bg-slate-100","children":"Back to homepage"}],["$","$L5",null,{"href":"/resources/gaming","className":"rounded-full border border-slate-200 px-5 py-3 text-sm font-semibold text-slate-700 transition hover:border-slate-300 dark:border-white/20 dark:text-white dark:hover:border-white/30","children":"View resources"}]]}]]}],"notFoundStyles":[],"styles":null}]}]]}]]}],null],null],[[["$","link","0",{"rel":"stylesheet","href":"/_next/static/css/2a2d44bd966c4d53.css","precedence":"next","crossOrigin":"$undefined"}],["$","link","1",{"rel":"stylesheet","href":"/_next/static/css/582d575b359aac35.css","precedence":"next","crossOrigin":"$undefined"}]],[null,"$Ld"]]]]]
d:[["$","meta","0",{"name":"viewport","content":"width=device-width, initial-scale=1"}],["$","meta","1",{"charSet":"utf-8"}],["$","title","2",{"children":"Supply-chain ransomware campaign leveraging a compromised SaaS administrator — multi-tenant threat stopped early | Unit6 customer story | Unit6"}],["$","meta","3",{"name":"description","content":"A ransomware group weaponized trusted admin pathways inside a business intelligence SaaS. Unit6 saw the compromise, coordinated fast revocation, and blocked cross-customer propagation."}],["$","meta","4",{"name":"keywords","content":"preventive intelligence,adversary infrastructure,attack staging,threat reconnaissance,early warning security platform"}],["$","meta","5",{"name":"robots","content":"index, follow"}],["$","link","6",{"rel":"canonical","href":"https://unit6tech.com/customer-stories/supply-chain-ransomware-saas-admin"}],["$","meta","7",{"property":"og:title","content":"Supply-chain ransomware campaign leveraging a compromised SaaS administrator — multi-tenant threat stopped early"}],["$","meta","8",{"property":"og:description","content":"A ransomware group weaponized trusted admin pathways inside a business intelligence SaaS. Unit6 saw the compromise, coordinated fast revocation, and blocked cross-customer propagation."}],["$","meta","9",{"property":"og:url","content":"https://unit6tech.com/customer-stories/supply-chain-ransomware-saas-admin"}],["$","meta","10",{"property":"og:site_name","content":"Unit6"}],["$","meta","11",{"property":"og:image","content":"https://unit6tech.com/images/unit6-cover.webp"}],["$","meta","12",{"property":"og:type","content":"article"}],["$","meta","13",{"name":"twitter:card","content":"summary_large_image"}],["$","meta","14",{"name":"twitter:creator","content":"@unit6tech"}],["$","meta","15",{"name":"twitter:title","content":"Supply-chain ransomware campaign leveraging a compromised SaaS administrator — multi-tenant threat stopped early"}],["$","meta","16",{"name":"twitter:description","content":"A ransomware group weaponized trusted admin pathways inside a business intelligence SaaS. Unit6 saw the compromise, coordinated fast revocation, and blocked cross-customer propagation."}],["$","meta","17",{"name":"twitter:image","content":"https://unit6tech.com/images/unit6-cover.webp"}],["$","link","18",{"rel":"icon","href":"/favicon.ico","type":"image/x-icon","sizes":"20x32"}],["$","meta","19",{"name":"next-size-adjust"}]]
1:null