Salesforce data theft campaign exposes SaaS integration risks

Threat Score:

Security Brief UK

1 day ago

Part of cluster #2214

Overview

Salesforce data theft campaign exposes SaaS integration risks New data theft attacks have been observed targeting Salesforce instances through SaaS integrations, raising concerns among security experts regarding the scope and coordination of the campaign. Security professionals are closely following developments after Google Threat Intelligence reported widespread attacks involving stolen OAuth2 tokens from integrations between Salesforce and third-party applications, including Salesloft and Dri...

Continue Reading on Original Site

5 articles

Deception in depth: Defending against sophisticated and evolving PRC-nexus espionage campaigns

Brighttalk • 8 hours ago

Presented by Patrick Whitsell, Security Engineer, Google Threat Intelligence Group and Austin Larsen, Principal Threat Analyst, Google Threat Intelligence Group

Score

WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices

GB Hackers • 4 hours ago

WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices WhatsApp has issued a critical security advisory addressing a newly discovered zero-day vulnerability, tracked as CVE-2025-55177, which has been exploited in highly sophisticated zero-click attacks targeting Mac and iOS users. The vulnerability, combined with an OS-level flaw (CVE-2025-43300), has raised alarms the potential compromise of user devices and data, including sensitive messages. Vulnerability Details

Score

TransUnion Data Breach Impacts 4.4 Million

SecurityWeek • 11 hours ago

The credit reporting firm did not name the third-party application involved in the incident, only noting that it was used for its US consumer support operations.

Score

WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users

Cybersecurity News • 6 hours ago

A sophisticated attack campaign has leveraged a previously unknown zero-day vulnerability in WhatsApp on Apple devices to target specific users, the company has confirmed. The vulnerability, now identified as CVE-2025-55177, was combined with a separate vulnerability in Apple’s operating systems to compromise devices and access user data. WhatsApp has since patched the vulnerability and has […]

Score

Google Confirms Workspace Accounts Also Hit in Salesforce–Salesloft Drift Data Theft Campaign

SecurityWeek • 11 hours ago

Google says the same OAuth token compromise that enabled Salesforce data theft also let hackers access a small number of Workspace accounts via the Salesloft Drift integration.

Score

ATTACK TYPES

Data Exfiltration

Data Theft

OAuth Token Exploitation

OAuth Token Theft

Supply Chain Attack

COMPANIES

Google

Salesforce

Salesloft

PLATFORMS

AWS

Drift

Google Workspace

Salesforce

RANSOMWARE

Blind

First

One

Surprise

Unknown

MITRE ATT&CK

Proxy

T1003

T1041

T1046

T1053

MALWARE

Vawtrak

APT GROUPS

UNC6395

INDUSTRIES

Cloud Services

SaaS

Sales Automation

Technology

SECURITY VENDORS

Google Threat Intelligence Group

ARTICLE INFORMATION

Article #15130

Published 1 day ago

Security Brief UK

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

Deception in depth: Defending against sophisticated and evolving PRC-nexus espionage campaigns

WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices

TransUnion Data Breach Impacts 4.4 Million

WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users

Google Confirms Workspace Accounts Also Hit in Salesforce–Salesloft Drift Data Theft Campaign

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies