Salesloft said a breach of its GitHub account in March allowed hackers to steal authentication tokens that were later used in a mass-hack targeting several of its Big Tech customers. Citing an ...
With the latest version of the Inspector (0.16.6), if you run the Quick OAuth Flow in the OAuth debugger against the simpleStreamableHttp.ts example server in the TS SDK (with --oauth flag), it will ...
Google Threat Intelligence Group (GTIG) warns that attackers are stealing OAuth tokens via Salesloft Drift integrations in a massive Salesforce data theft. Alphabet’s GTIG and Mandiant attributed the ...
Benzinga contacted Palo Alto Networks’ investor team for their take on the report and is awaiting a response. Attackers used custom Python tools, Tor for obfuscation and log deletion techniques to ...
The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many ...
OAuth 2.1 is the officially mandated authorization standard in the Model Context Protocol (MCP) specifications. According to the official documentation, authorization servers must implement OAuth 2.1 ...
Google is advising users of the Salesloft Drift AI chat agent to consider all security tokens connected to the platform compromised following the discovery that unknown attackers used some of the ...
Google Identifies ‘Widespread Data Theft’ Impacting Salesforce-Salesloft Drift Users Your email has been sent A previously unidentified threat actor, UNC6395, has been linked to a recent breach ...
Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to get into Microsoft 365 accounts. Threat actors have cooked up a clever way ...
Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part ...
A new wave of targeted phishing attacks exploiting Microsoft 365’s OAuth workflows has been uncovered by cybersecurity experts. These campaigns, observed by Volexity since March 2025, involve ...
OpenAI is exploring ways for users to sign in to third-party apps using their ChatGPT account, the company noted on a web page published Tuesday. OpenAI is currently gauging interest from developers ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback