Research shows a significant increase in third-party applications accessing sensitive data without justification, with government and education sectors experiencing sharp rises in malicious activity. Despite prioritizing web security, most organizations lack implemented solutions to mitigate these risks, emphasizing governance gaps and over-permissioned tracking tools like Facebook Pixel and Google Tag Manager. #ThirdPartyAccess #WebExposureManagement
Keypoints
- 64% of leading websites now have third-party apps accessing sensitive data unjustified, up from 51% in 2024.
- Government malicious activity increased from 2% to 12.9%, while education sites saw active compromises rise to 1 in 7.
- Tools such as Google Tag Manager, Shopify, and Facebook Pixel are major contributors to unjustified data access.
- Security leaders prioritize web attacks but less than 40% have deployed effective solutions, exposing a significant gap between awareness and action.
- Marketing and digital teams now generate 43% of third-party risk, often deploying apps without proper security oversight.
Read More: https://thehackernews.com/2026/01/new-research-64-of-3rd-party.html