Okta thwarted the supply-chain attack with security controls it had in place. Zscaler did not. Their experiences provide insights into the root of a much broader problem.
The company said a threat actor accessed and snooped around its account for months, then stole OAuth tokens for Drift integrations from its cloud environment.
Workado publicly claimed its AI content detector could accurately determine whether a piece of text was generated by AI in 98% of cases. The FTC said its “no better than a coin flip.” (Image via Mininyx Doodle and Getty Images)
Workado publicly claimed its AI content detector could accurately determine whether a piece of text was generated by AI in 98% of cases. The FTC said its…
Researchers said Google Workspace customers were hit, and noted other platforms are impacted as well. Fresh evidence proves impact was not limited to Salesforce, as Salesloft previously…
A threat group Google tracks as UNC6395 systematically stole large amounts of data from Salesforce customer instances by using OAuth tokens stolen from Salesloft Drift, researchers said.
The initiative seeks to patch vulnerabilities in open-source code before they are exploited by would-be attackers. Now comes the hard part — putting the systems to the…
The flaw, disclosed a month after it was patched, provided an attacker with remote code execution privileges by poisoning the data ingested by the model.
The move is the result customer feedback, since they neither wanted to grant AI web crawlers unrestricted access to their data nor block the practice entirely.
Amazon’s Chief Security Officer Stephen Schmidt, center, talks with Danielle Ruderman, Senior Manager, Worldwide Security Specialists, AWS, and Lakshmi Raman, Chief Artificial Intelligence Officer for the Central Intelligence Agency, at the AWS Summit in Washington, D.C. on June 10, 2025. (Photo Courtesy of AWS)
