Google Threat Intelligence Group has tracked threat actor UNC6395 stealing OAuth tokens via Salesloft Drift integrations in a ...

ShinyHunters compromised Google, Qantas & dozens more using OAuth device flow attacks—bypassing MFA without exploiting a single software bug. My deep-dive analysis reveals how they did it and what ...

The Salesloft Drift breach exposed SaaS integration risks. Learn how attackers gained access and what steps businesses must ...

The Unit 42 team within PAN are still combing through things, “conducting enhanced, continuous monitoring of our systems and the dark web for any potential exposure ... audit trail, and API access ...

SaaS supply chain attacks exploit SaaS-to-SaaS connections using stolen OAuth tokens. Get practical steps to reduce your risk ...

Google expands Salesloft Drift breach scope beyond Salesforce; Salesloft says core platform safe, isolated to Drift app.

Learn how AI-driven APIs reshape threat models and discover actionable security practices to protect data and prevent ...

Fast IDentity Online 2 (FIDO2) was the second iteration of a standard released by the FIDO Alliance and World Wide Web Consortium (W3C). It was designed to replace passwords as a means of ...

A single compromised GitHub account allowed hackers to breach hundreds of companies, including major tech and cybersecurity ...

Lit Protocol's Vincent Early Access is now live, giving developers immediate tools to create permissioned, non-custodial AI agents for real DeFi strategies, powered by onchain guardrails and ...