Salesforce sends ‘strong’ message to hackers who claim to have stolen 1 billion company records

Salesforce has firmly stated it will not pay hackers demanding ransom after a group named ShinyHunters claimed to have stolen significant client data. The breach occurred through a third-party app, ...
Cloud Security Alliance

When OAuth Tokens Go Rogue: Lessons from the Salesloft–Drift Breach

A look at the Salesloft-Drift OAuth breach, how token misuse bypassed MFA, and steps to strengthen SSPM and ITDR in SaaS security.