Attackers leveraged stolen secrets to hijack integrations and access customer data, highlighting the need for enterprises to audit connected apps and enforce token hygiene.

The threat landscape continues to evolve, and cybersecurity professionals must keep pace with threat actors’ changing tactics and objectives. A recent supply attack that reportedly affected hundreds ...

Security researchers at Calif.-based Proofpoint have uncovered a large-scale account takeover campaign aimed at Microsoft Entra ID environments. The attackers are using TeamFiltration, an open source ...

They keep coming back for more Salesforce has disclosed another third-party breach in which criminals - likely ShinyHunters (again) - may have accessed its customers' data.… This time, the suspicious ...

So, I have a bunch of R packages for interacting with Azure. One of them does authentication with AA https://github.com/Azure/AzureAuth The package currently caches ...

Google’s Threat Intelligence team reported that more than 200 Salesforce customer instances may have been affected in the ...

Salesforce is investigating a security incident after discovering unusual activity involving apps published by Gainsight, a ...

In recent cybersecurity news, Salesforce has initiated an investigation into suspicious activity that may have compromised customer environments connected to applications developed by Gainsight. This ...

Omer Tsarfati and his team at security firm CyberArk are now finally able to discuss a major OAuth 2.0 vulnerability that affects Microsoft Azure web services which they have been sitting on since ...

Shiny talks to The Reg EXCLUSIVE ShinyHunters has claimed responsibility for the Gainsight breach that allowed the data ...