In November 2025, Anthropic revealed a cyber espionage campaign dubbed GTG-1002, the first documented case of an AI agent orchestrating real-world intrusions with minimal human input. A Chinese ...

Attackers leveraged stolen secrets to hijack integrations and access customer data, highlighting the need for enterprises to audit connected apps and enforce token hygiene. Salesforce has disclosed ...

Is your feature request related to a problem? Please describe. We were using the firebase admin SDK and a special service account with key resident in the same project as the apps (the servers are in ...

Token burning only raises prices when demand, utility and transparency align. Here’s when supply cuts work, and why SHIB and BNB tell different stories. Token burns are a key part of many projects’ ...

The threat landscape continues to evolve, and cybersecurity professionals must keep pace with threat actors’ changing tactics and objectives. A recent supply attack that reportedly affected hundreds ...

A newly identified phishing technique known as “CoPhish” exploits Microsoft Copilot Studio agents to deliver deceptive OAuth consent prompts through legitimate Microsoft domains. Researchers at ...

In August 2025, attackers exploited the Salesloft-Drift OAuth integration to compromise over 700 organizations’ Salesforce instances. This wasn’t a direct vulnerability in Salesforce, but rather an ...

An as-of-yet undiagnosed compromise of the Salesloft Drift AI-driven platform has led to a rash of stolen OAuth tokens, in turn creating downstream breaches at some of the biggest names in the ...

Google Threat Intelligence Group (GTIG) warns that attackers are stealing OAuth tokens via Salesloft Drift integrations in a massive Salesforce data theft. Alphabet’s GTIG and Mandiant attributed the ...

Salesloft on Tuesday announced that it's taking Drift temporarily offline "in the very near future," as multiple companies have been ensnared in a far-reaching supply chain attack spree targeting the ...