In recent weeks, major companies like Palo Alto Networks, Zscaler, Cloudflare, and SpyCloud have all confirmed they were affected by a string of cyberattacks that began with Salesforce. Or at least, ...
Heroku has explained why it emailed users with a sudden password reset warning earlier this week, and how it was due to the theft of OAuth tokens from GitHub. "[Our investigation] revealed that the ...
The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using ...
GitHub has revealed that dozens of organizations were compromised by a data thief that used stolen OAuth tokens to access their private repositories. The developer platform’s security team opened an ...
Turns out your biggest breach risk might come from a vendor’s acquisition — and an old OAuth token you didn’t even know ...
The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert to release indicators of compromise (IoCs) associated ...
Threat actors had access to Salesloft’s GitHub account between March and June 2025 and performed reconnaissance.
Like Tenable, Qualys confirmed that its products and services were not affected and were still fully operational. Both firms ...
Attackers gain read-only permissions to snoop around Office 365 accounts, including emails, contacts and more. An APT known as TA2552 has been spotted using OAuth2 or other token-based authorization ...
A Russian researcher was able to take five low severity OAuth bugs and string them together to create what he calls a “simple but high severity exploit” in GitHub. A Russian security researcher was ...