An attacker broke into competitive-intelligence vendor Klue, stole OAuth tokens its customers use to connect to Salesforce ...

Salesforce disabled Klue Battlecards integration after attackers used compromised OAuth tokens to access customer CRM data ...

ReliaQuest observed attackers generating OAuth tokens and using Python scripts to query Salesforce's API for extended periods, as data was stolen. Huntress later disclosed that its own Salesforce ...

Google fixed a Vertex AI SDK flaw in v1.148.0 after Unit 42 showed bucket squatting could enable model hijacking and code ...

Okta introduced Cross App Access, or XAA, in June 2025 as a way to govern agent-to-app and app-to-app connections. Today’s ...

Salesforce disabled connections to its customer relationship management environment from third-party app Klue Battlecards as ...

With the advent of AI-mediated APIs, the era of manually hard-coding every integration between every microservice may be ...

More Salesforce instances have been breached by threat actors abusing a third-party application integration, this time through Klue's Battlecards app. The attacks, which are the latest in a series of ...

Front-end software development startup Vercel Inc. introduced a set of new products today at Ship, its annual conference, to ...

Australian organisations are pushing AI agents into production faster than they can govern them. Most can't see what those ...

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

Cloudflare ended years of partner-only restrictions on Wednesday, opening self-managed OAuth 2.0 to every developer on its platform. The move eliminates the manual onboarding process that previously ...