Experimental News Clipping Site

Tag: third-party applications

  • Unit 42: Threat Brief: Salesloft Drift Integration Used To Compromise Salesforce Instances

    by

    Kurt Seifried
    in

    Source URL: https://unit42.paloaltonetworks.com/threat-brief-compromised-salesforce-instances/ Source: Unit 42 Title: Threat Brief: Salesloft Drift Integration Used To Compromise Salesforce Instances Feedly Summary: This Threat Brief discusses observations on a campaign leveraging Salesloft Drift integration to exfiltrate data via compromised OAuth credentials. The post Threat Brief: Salesloft Drift Integration Used To Compromise Salesforce Instances appeared first on Unit 42.…

  • The Register: Salesforce data missing? It might be due to Salesloft breach, Google says

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/27/salesforce_salesloft_breach/ Source: The Register Title: Salesforce data missing? It might be due to Salesloft breach, Google says Feedly Summary: Attackers steal OAuth tokens to access third-party sales platform, then CRM data in ‘widespread campaign’ Google says a recent spate of Salesforce-related breaches was caused by attackers stealing OAuth tokens from the third-party Salesloft…

  • The Register: Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/21/freevpn_privacy_research/ Source: The Register Title: Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension Feedly Summary: Researcher claims extension didn’t start out by exfiltrating info… while dev says its actions are ‘compliant’ Security boffins at Koi Security have warned of a shift in behavior of a popular Chrome VPN extension, FreeVPN.One, which recently…

  • Krebs on Security: Microsoft Patch Tuesday, July 2025 Edition

    by

    Kurt Seifried
    in

    Source URL: https://krebsonsecurity.com/2025/07/microsoft-patch-tuesday-july-2025-edition/ Source: Krebs on Security Title: Microsoft Patch Tuesday, July 2025 Edition Feedly Summary: Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft’s…

  • Slashdot: Unless Users Take Action, Android Will Let Gemini Access Third-Party Apps

    by

    Kurt Seifried
    in

    Source URL: https://tech.slashdot.org/story/25/07/08/1255232/unless-users-take-action-android-will-let-gemini-access-third-party-apps?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Unless Users Take Action, Android Will Let Gemini Access Third-Party Apps Feedly Summary: AI Summary and Description: Yes Summary: Google’s modification to its Gemini AI engine allows it to interface with third-party applications, circumventing user privacy settings regarding app interactions. The adjustments raise concerns over data privacy, as user…

  • The Register: VMware must support crucial Dutch govt agency as it migrates off the platform, judge rules

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/06/30/dutch_agency_wins_right_to/ Source: The Register Title: VMware must support crucial Dutch govt agency as it migrates off the platform, judge rules Feedly Summary: Court says State arm cannot be left without maintenance, patches and upgrades because of Broadcom’s new licensing model Broadcom’s VMware subsidiary must provide a Dutch government organization with continued software support…

  • Slashdot: Microsoft 365 Brings the Shutters Down On Legacy Protocols

    by

    Kurt Seifried
    in

    Source URL: https://it.slashdot.org/story/25/06/19/2046206/microsoft-365-brings-the-shutters-down-on-legacy-protocols?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Microsoft 365 Brings the Shutters Down On Legacy Protocols Feedly Summary: AI Summary and Description: Yes **Summary:** Microsoft 365 is set to enhance security by blocking legacy authentication protocols starting July 2025 as part of its “Secure by Default” initiative. This move aims to mitigate risks associated with vulnerable…

  • Slashdot: Salesforce Blocks AI Rivals From Using Slack Data

    by

    Kurt Seifried
    in

    Source URL: https://slashdot.org/story/25/06/13/1443216/salesforce-blocks-ai-rivals-from-using-slack-data?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Salesforce Blocks AI Rivals From Using Slack Data Feedly Summary: AI Summary and Description: Yes Summary: Slack’s recent decision to block other software firms from searching or storing messages may undermine AI startups that depend on such access to enhance their services. This move is indicative of growing privacy…