#salesloft-drift-breach

[ follow ]
#supply-chain-attack #oauth-token-theft #active-cve-exploitation #oauth-credential-theft
Information security
fromThe Hacker News
6 days ago

Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More

OAuth token theft via a Salesloft-Drift integration exposed Salesforce data across major tech firms, underscoring integration fragility and supply-chain security risks.
fromTheregister
1 week ago

Stolen OAuth tokens expose Palo Alto customer data

Marc Benoit, chief information security officer at PAN, confirmed in a note to clients - seen by The Register - that it was informed on August 25 that the "compromise of a third-party application, Salesloft's Drift, resulted in the access and exfiltration of data stored in our Salesforce environment." It immediately disconnected the third-party application from its Salesforce CRM, he said.
Information security
[ Load more ]