#OAuthSecurity
September 6, 2025 at 11:00 AM
Zscaler & Palo Alto Networks breached via Salesloft Drift—OAuth token theft exposes sensitive Salesforce data. SaaS integrations demand stronger safeguards. 🔐🔗 #SupplyChainExposure #OAuthSecurity
Zscaler, Palo Alto Networks Hacked via Salesloft Drift
Two major security firms suffered downstream compromises as part of a large-scale supply chain attack involving Salesloft Drift, a marketing SaaS app.
September 3, 2025 at 1:05 PM
🧠 Zoom, Slack, that new scheduling tool — they all ask for access. You click ‘Allow’. Suddenly, one can modify your Google Drive.

No hacks. Just over-permissioned apps.

Confident Security helps you say yes to the right things. 🔐
#CyberSecurity #OAuthSecurity #ZeroTrust #IAM #DataPrivacy
June 9, 2025 at 5:16 PM
Hijacking OAuth Flows via Cookie Tossing

This article explores how cookie tossing attacks can hijack OAuth flows, potentially leading to account takeovers at the Identity Provider (IdP).

https://snyk.io/articles/hijacking-oauth-flows-via-cookie-tossing/

#OAuthSecurity #CookieTossing
April 9, 2025 at 5:31 AM