DEEP RESEARCH: Who’s Most Likely to Abuse MCP Integrations? #UNC3944, #TraderTraitor, #UNC6293 ?

MCP-era risk isn’t exploits—it’s authorized tool/integration abuse (OAuth consent, device codes, app passwords). We ranked who’s best positioned..

#AlphaHunt #OAuth #MCP

8/ Who targeted @keirgiles.bsky.social ? Enter the Google
Threat Intelligence Group w/analysis & attribution!

Great!

Our bad actors are: 🇷🇺 #UNC6293, a #Russian state-sponsored threat actor.

Google adds bonus additional low confidence association to #APT29 (that would be the #SVR).

Nice people.