Hosted on MSN

Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks

Revenue workflow platform Salesloft suffered a cyberattack which saw threat actors break in through a third-party and steal sensitive information. The company is using Drift, a conversational ...
Security Boulevard

SPIFFE vs. OAuth: Access Control for Nonhuman Identities

SPIFFE focuses on who a workload is. It issues cryptographic identities to services and workloads so they can prove their authenticity to each other without relying on stored secrets. OAuth focuses on ...
Hosted on MSN

Salesforce Probes Gainsight OAuth Anomalies as SaaS Token Attacks Escalate

Salesforce is looking into unusual OAuth activity associated with Gainsight integrations after observing behavior that might have revealed customer data. Initial indications suggest a deliberate ...
Bleeping Computer

ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks

The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. For the past year, the threat actors have ...
Security Boulevard

ShinyHunters Claims Woflow Breach: What It Means for SaaS Supply Chain Security

Learn the security risks in SaaS supply chains and about ShinyHunters’ evolving extortion tactics behind the alleged Woflow breach. The post ShinyHunters Claims Woflow Breach: What It Means for SaaS ...