Retool, a software development firm offering modular code for customizable enterprise software, recently notified 27 customers that a threat actor had accessed their accounts. The attacker was able to navigate through multiple layers of security controls after taking advantage of an employee through an SMS-based phishing attack. The attacker then used this access to target