MediaNama

Google Flags 10-Day Data Theft Targeting Salesforce Customers via OAuth Tokens

Google’s Threat Intelligence Group (GTIG) issued an advisory on August 26 about a widespread data theft campaign targeting Salesforce customers that ran from August 8 to August 18. A rogue actor, ...
The Hacker News

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed

OAuth tokens without expiry enable breaches like Drift attack on 700+ firms, bypassing MFA and exposing sensitive data.
TechRadar

Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Revenue workflow platform Salesloft suffered a cyberattack which saw threat actors break in ...

Learning from the Vercel breach: Shadow AI & OAuth sprawl

A single third-party OAuth integration can become a direct path into your environment. Push explains how the Vercel breach ...