资讯

Security Boulevard7 天

Behind the Salesforce OAuth Drift Breach

In recent weeks, major companies like Palo Alto Networks, Zscaler, Cloudflare, and SpyCloud have all confirmed they were ...
Security Boulevard16 天

OAuth Device Flow Vulnerabilities: A Critical Analysis of the 2024-2025 Attack Wave

ShinyHunters compromised Google, Qantas & dozens more using OAuth device flow attacks—bypassing MFA without exploiting a single software bug. My deep-dive analysis reveals how they did it and what ...

Gemini CLI Model Context Protocol (MCP) : The Secret to Smarter AI Workflows

Learn how MCP and Gemini CLI redefine AI workflows, enabling real-time data retrieval, automation, and unmatched productivity ...

6 browser-based attacks all security teams should be ready for in 2025

The browser is now the frontline for cyberattacks. From phishing kits and ClickFix lures to malicious OAuth apps and ...

Salesloft: March GitHub repo breach led to Salesforce data theft attacks

Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in ...
Techopedia2 天

Salesloft Drift Breach Shows Why SaaS Security Needs Overhaul

The Salesloft Drift breach exposed SaaS integration risks. Learn how attackers gained access and what steps businesses must ...
The Hacker News9 天

Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations

Salesloft on Tuesday announced that it's taking Drift temporarily offline "in the very near future," as multiple companies ...
Analytics India Magazine1 天

OpenAI Rolls Out Developer Mode in ChatGPT With Full MCP Access

OpenAI has introduced a new Developer mode for ChatGPT, giving users full access to the model context protocol (MCP) client ...
The Hacker News13 天

Google Warns Salesloft Drift Breach Impacts All Drift Integrations Beyond Salesforce

Google expands Salesloft Drift breach scope beyond Salesforce; Salesloft says core platform safe, isolated to Drift app.