The Salesloft Drift breach exposed SaaS integration risks. Learn how attackers gained access and what steps businesses must ...

SaaS supply chain attacks exploit SaaS-to-SaaS connections using stolen OAuth tokens. Get practical steps to reduce your risk ...

Fast IDentity Online 2 (FIDO2) was the second iteration of a standard released by the FIDO Alliance and World Wide Web Consortium (W3C). It was designed to replace passwords as a means of ...

Learn how AI-driven APIs reshape threat models and discover actionable security practices to protect data and prevent ...

This week, one story stands out above the rest: the Salesloft–Drift breach, where attackers stole OAuth tokens and accessed ...

Google Threat Intelligence Group has tracked threat actor UNC6395 stealing OAuth tokens via Salesloft Drift integrations in a ...

Lit Protocol's Vincent Early Access is now live, giving developers immediate tools to create permissioned, non-custodial AI agents for real DeFi strategies, powered by onchain guardrails and ...

The Unit 42 team within PAN are still combing through things, “conducting enhanced, continuous monitoring of our systems and the dark web for any potential exposure ... audit trail, and API access ...

Cybersecurity company Zscaler warns it suffered a data breach after threat actors gained access to its Salesforce instance ...

Google expands Salesloft Drift breach scope beyond Salesforce; Salesloft says core platform safe, isolated to Drift app.

MCP (Model Context Protocol) server with OAuth 2.0 authentication support. Implements both stdio and HTTP transports with configurable Auth0 integration for secure API access.

ShinyHunters compromised Google, Qantas & dozens more using OAuth device flow attacks—bypassing MFA without exploiting a single software bug. My deep-dive analysis reveals how they did it and what ...