#unc6395

[ follow ]
#oauth-token-theft #supply-chain-attack #salesforce #salesforce-breach #oauth-vulnerability #salesloftdrift
Information security
fromDataBreaches.Net
2 days ago

Salesloft Drift Breach Rolls Up Cloudflare, Palo Alto, Zscaler, and Others - DataBreaches.Net

Supply-chain attacks exploiting a Salesloft/Drift Salesforce OAuth vulnerability compromised customer Salesforce instances at Cloudflare, Palo Alto Networks, Zscaler, SpyCloud, PagerDuty, and hundreds more.
Information security
fromTechzine Global
3 days ago

Hackers steal customer data from Zscaler via Salesloft leak

Hackers accessed Zscaler's Salesforce via compromised Salesloft Drift, stealing customer personal data, product and support-case information; Zscaler products and internal infrastructure were not affected.
Information security
fromThe Hacker News
1 week ago

Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations

All Salesloft Drift integrations and stored authentication tokens are potentially compromised, enabling attackers to access Salesforce instances and Google Workspace accounts via stolen OAuth tokens.
Information security
fromTheregister
1 week ago

Google links Salesforce data thefts to Salesloft breach

Attackers stole OAuth tokens from the Drift app used by Salesloft to access Salesforce databases and exfiltrate sensitive credentials and customer records.
Information security
fromTechzine Global
1 week ago

Hackers steal Salesforce data via Salesloft integration

Hackers exploited the Salesloft–Drift–Salesforce integration to steal OAuth and refresh tokens, gaining access to customer data including AWS keys and passwords.
Information security
fromThe Hacker News
1 week ago

Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data

Hackers breached Salesloft to steal Drift OAuth and refresh tokens, enabling exfiltration of Salesforce data and credentials from multiple corporate instances.
[ Load more ]