ShinyHunters compromised Google, Qantas & dozens more using OAuth device flow attacks—bypassing MFA without exploiting a single software bug. My deep-dive analysis reveals how they did it and what ...

Google Threat Intelligence Group has tracked threat actor UNC6395 stealing OAuth tokens via Salesloft Drift integrations in a ...

The Salesloft Drift breach exposed SaaS integration risks. Learn how attackers gained access and what steps businesses must ...

Google expands Salesloft Drift breach scope beyond Salesforce; Salesloft says core platform safe, isolated to Drift app.

The most obvious thing you’ll need to build these sample apps is a Spotify account. Using it, you can log in to the Spotify ...

The Salesloft Drift breach is expanding fast. Learn what’s at risk and the 7 critical steps security teams should take to ...

For developers working with ChatGPT’s new developer mode, this means the connectors they create may not just serve one-off integrations — they could be building into a broader ecosystem standard. MCP ...

Threat researchers report that "a widespread data theft campaign" traces to attackers stealing OAuth access tokens for ...

It recommends conducting a review of all Drift integrations and all authentication activity with third-party systems ... that you probe your Salesforce log-in history, audit trail, and API access logs ...