Tl;dr: If you manage even one Microsoft 365 tenant, it’s time to audit your OAuth apps. Statistically speaking, there’s a strong chance a malicious app is lurking in your environment. Seriously, go ...

In August 2025, attackers exploited the Salesloft-Drift OAuth integration to compromise over 700 organizations’ Salesforce instances. This wasn’t a direct vulnerability in Salesforce, but rather an ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Google Threat Intelligence Group (GTIG) warns that attackers are stealing OAuth tokens via Salesloft Drift integrations in a massive Salesforce data theft. Alphabet’s GTIG and Mandiant attributed the ...

A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat agent.

Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part ...

What version of NodeJS driver are you using? 2.1.2 What operating system and processor architecture are you using? macOS Sonoma 14.7.4 Apple M2 Max What version of NodeJS are you using? v23.7.0 What ...

Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees of organizations related to Ukraine and human rights. The adversary ...

Microsoft on Tuesday issued a warning over the increasing use of Node.js for the delivery of malware and other malicious payloads. The tech giant has been seeing such attacks aimed at its customers ...

Since October 2024, Microsoft Defender Experts (DEX) has observed and helped multiple customers address campaigns leveraging Node.js to deliver malware and other payloads that ultimately lead to ...