Community driven content discussing all aspects of software development from DevOps to design patterns. In this Java serialization example, we will use both the ObjectOutputStream and the ...

ShinyHunters claim theft of 1.5 billion records from 760 global companies Attackers exploited GitHub secrets to access sensitive Salesforce object tables FBI issued warnings as hacker groups announced ...

TL;DR: The recently disclosed Salesforce data-theft attacks highlight two distinct non-human identity failures. First, Drift’s handling of OAuth tokens broke down, leading to credential compromise at ...

Google now reports that the Salesloft Drift breach is larger than initially thought, warning that attackers also used stolen OAuth tokens to access a small number of Google Workspace email accounts in ...

Hackers have used a chatbot developed by Salesloft Inc. to access a large number of Salesforce environments and download their contents. Salesloft and Google LLC disclosed the breach last Thursday.

Compromised OAuth tokens through a third-party app have resulted in large-scale data raids on instances of the Salesforce customer relationship management (CRM) platform, by an unknown threat actor.

UPDATE Google says a recent spate of Salesforce-related breaches was caused by attackers stealing OAuth tokens from the third-party Salesloft Drift app. Drift is used for automating sales processes, ...

Salesforce customers have again been targeted in a “widespread data theft campaign,” this time via compromised OAuth tokens associated with the third-party Salesloft Drift application. Salesloft Drift ...

Google says the hackers systematically exported corporate data, focusing on secrets such as AWS and Snowflake keys. Hackers stole data from hundreds of Salesforce customer instances in a widespread ...

Is your Salesforce environment integrated with third-party apps like Salesloft Drift? If so, your organization could be at risk of the same SaaS breach techniques used by advanced threat actors like ...