CSO Online

OAuth token compromise hits Salesforce ecosystem again, Gainsight impacted

Attackers leveraged stolen secrets to hijack integrations and access customer data, highlighting the need for enterprises to audit connected apps and enforce token hygiene.
Dark Reading

Azure OAuth 2.0 Vulnerability Grabs Tokens

Omer Tsarfati and his team at security firm CyberArk are now finally able to discuss a major OAuth 2.0 vulnerability that affects Microsoft Azure web services which they have been sitting on since ...
PCQuest on MSN

Salesforce Probes Gainsight OAuth Anomalies as SaaS Token Attacks Escalate

Salesforce is looking into unusual OAuth activity associated with Gainsight integrations after observing behavior that might have revealed customer data. Initial indications suggest a deliberate ...