ShinyHunters compromised Google, Qantas & dozens more using OAuth device flow attacks—bypassing MFA without exploiting a single software bug. My deep-dive analysis reveals how they did it and what ...

SSOJet delivers far more than "just SSO": we give your team the visibility, control, and security intelligence needed to defeat device flow phishing and build a future-proof identity management ...

Google Threat Intelligence Group has tracked threat actor UNC6395 stealing OAuth tokens via Salesloft Drift integrations in a ...

The GitHub OAuth attack exposed a security blind spot in the ever-growing web of permissions spanning developers, service ...

The most obvious thing you’ll need to build these sample apps is a Spotify account. Using it, you can log in to the Spotify ...

Threat researchers report that "a widespread data theft campaign" traces to attackers stealing OAuth access tokens for ...

It recommends conducting a review of all Drift integrations and all authentication activity with third-party systems ... that you probe your Salesforce log-in history, audit trail, and API access logs ...

This week, one story stands out above the rest: the Salesloft–Drift breach, where attackers stole OAuth tokens and accessed ...

Enhanced driver delivers advanced search capabilities and a seamless music experience within RTI control systems ...

Google expands Salesloft Drift breach scope beyond Salesforce; Salesloft says core platform safe, isolated to Drift app.