OAuth Tokens – Experimental News Clipping Site

The Register: Stolen OAuth tokens expose Palo Alto customer data

Sep 2, 2025

—

by

Source URL: https://www.theregister.com/2025/09/02/stolen_oauth_tokens_expose_palo/ Source: The Register Title: Stolen OAuth tokens expose Palo Alto customer data Feedly Summary: Security firm’s Salesforce instance accessed using credentials stolen from Salesloft’s Drift platform breach Palo Alto Networks is writing to customers that may have had commercially sensitive data exposed after criminals used stolen OAuth credentials lifted from the Salesloft…

The Register: Salesforce data missing? It might be due to Salesloft breach, Google says

Aug 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/27/salesforce_salesloft_breach/ Source: The Register Title: Salesforce data missing? It might be due to Salesloft breach, Google says Feedly Summary: Attackers steal OAuth tokens to access third-party sales platform, then CRM data in ‘widespread campaign’ Google says a recent spate of Salesforce-related breaches was caused by attackers stealing OAuth tokens from the third-party Salesloft…

Cloud Blog: Widespread Data Theft Targets Salesforce Instances via Salesloft Drift

Aug 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/data-theft-salesforce-instances-via-salesloft-drift/ Source: Cloud Blog Title: Widespread Data Theft Targets Salesforce Instances via Salesloft Drift Feedly Summary: Written by: Austin Larsen, Matt Lin, Tyler McLellan, Omar ElAhdan Introduction Google Threat Intelligence Group (GTIG) is issuing an advisory to alert organizations about a widespread data theft campaign, carried out by the actor tracked as UNC6395.…

Wired: A Single Poisoned Document Could Leak ‘Secret’ Data Via ChatGPT

Aug 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.wired.com/story/poisoned-document-could-leak-secret-data-chatgpt/ Source: Wired Title: A Single Poisoned Document Could Leak ‘Secret’ Data Via ChatGPT Feedly Summary: Security researchers found a weakness in OpenAI’s Connectors, which let you hook up ChatGPT to other services, that allowed them to extract data from a Google Drive without any user interaction. AI Summary and Description: Yes Summary:…

CSA: AI Agents vs AI Chatbots: Understanding the Difference

Jun 16, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloudsecurityalliance.org/articles/ai-agents-vs-ai-chatbots-understanding-the-difference Source: CSA Title: AI Agents vs AI Chatbots: Understanding the Difference Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the significant differences between AI chatbots and AI agents, particularly in terms of security implications associated with non-human identities (NHIs). It highlights that while chatbots are predictable and easier to…

CSA: Prevent Downtime from Expired Secrets

Jun 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://aembit.io/blog/how-to-stop-expired-secrets-from-disrupting-your-operations/ Source: CSA Title: Prevent Downtime from Expired Secrets Feedly Summary: AI Summary and Description: Yes Summary: The text delves into the crucial issue of managing non-human identities (NHIs) and their authentication credentials within cloud-native environments, emphasizing the risks and operational burdens of expired credentials. It presents real-world examples of service disruptions due…

CybersecurityNews: Guide to Cloud API Security – Preventing Token Abuse

May 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cybersecuritynews.com/cloud-api-security/ Source: CybersecurityNews Title: Guide to Cloud API Security – Preventing Token Abuse Feedly Summary: Guide to Cloud API Security – Preventing Token Abuse AI Summary and Description: Yes Summary: The text discusses the vulnerabilities associated with API token management in cloud environments, emphasizing the rise of API-related breaches and the urgent need…

CSA: Consent Phishing: Bypassing MFA with OAuth

May 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.valencesecurity.com/resources/blogs/the-rising-threat-of-consent-phishing-how-oauth-abuse-bypasses-mfa Source: CSA Title: Consent Phishing: Bypassing MFA with OAuth Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the rising threat of consent phishing as a sophisticated attack vector targeting SaaS security, distinct from conventional phishing tactics. By leveraging OAuth 2.0 protocols, attackers can gain persistent access to sensitive resources,…

CSA: Enhancing Salesforce Security: Beyond Built-in Features

Jan 3, 2025

—

by

system automation

in Uncategorized

Source URL: https://cloudsecurityalliance.org/blog/2025/01/03/enhancing-salesforce-security-beyond-built-in-features Source: CSA Title: Enhancing Salesforce Security: Beyond Built-in Features Feedly Summary: AI Summary and Description: Yes Summary: The text delves into the security implications of using Salesforce, highlighting the critical need for organizations to take responsibility for their data protection. It identifies risks associated with third-party integrations, non-human identities, and common misconfigurations,…

CSA: What are OAuth Tokens? Secure Authentication Explained

Sep 12, 2024

—

by

system automation

in Uncategorized

Source URL: https://cloudsecurityalliance.org/articles/what-are-oauth-tokens-and-why-are-they-important-to-secure Source: CSA Title: What are OAuth Tokens? Secure Authentication Explained Feedly Summary: AI Summary and Description: Yes Summary: The text focuses on OAuth tokens, emphasizing their role as secure authentication mechanisms that facilitate third-party access while highlighting potential security risks. It provides crucial insights into the necessary security practices for managing OAuth…

Tag: OAuth Tokens