Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code authorization mechanism. Attackers trick victims into entering a device code on ...

Attackers leveraged stolen secrets to hijack integrations and access customer data, highlighting the need for enterprises to audit connected apps and enforce token hygiene. Salesforce has disclosed ...

Token theft is a leading cause of SaaS breaches. Discover why OAuth and API tokens are often overlooked and how security teams can strengthen token hygiene to prevent attacks. Most companies in 2025 ...

In August 2025, attackers exploited the Salesloft-Drift OAuth integration to compromise over 700 organizations’ Salesforce instances. This wasn’t a direct vulnerability in Salesforce, but rather an ...

PHOENIX, AZ, UNITED STATES, October 2, 2025 / EINPresswire.com / -- With the recently successful 16.5.39 firmware release just breaking new ground, 10ZiG Technology is already onto more cutting-edge ...

The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. For the past year, the threat actors have ...

Proofpoint, SpyCloud, Tanium, and Tenable confirmed that hackers accessed information stored in their Salesforce instances. Cybersecurity firms Proofpoint, SpyCloud, Tanium, and Tenable have confirmed ...

Trading company and market maker Wintermute asked the United States Securities and Exchange Commission (SEC) to confirm that network tokens should not be classified as securities. In formal feedback ...

Google Threat Intelligence Group (GTIG) warns that attackers are stealing OAuth tokens via Salesloft Drift integrations in a massive Salesforce data theft. Alphabet’s GTIG and Mandiant attributed the ...

Salesloft on Tuesday announced that it's taking Drift temporarily offline "in the very near future," as multiple companies have been ensnared in a far-reaching supply chain attack spree targeting the ...