Tag: unauthorized
-
OAuth token compromise hits Salesforce ecosystem again, Gainsight impacted
Tags: access, ai, api, attack, authentication, breach, ceo, cisco, ciso, cloud, data, data-breach, exploit, extortion, gitlab, google, group, infrastructure, injection, intelligence, leak, linkedin, mandiant, metric, monitoring, risk, saas, supply-chain, theft, threat, tool, unauthorized, vulnerability
Google threat intelligence ties attack to ShinyHunters: The disclosure marks the latest chapter in an escalating pattern of attacks targeting OAuth tokens of trusted third-party SaaS integrations with Salesforce. According to Austin Larsen, principal threat analyst at Google Threat Intelligence Group, the campaign is tied to threat actors associated with ShinyHunters. This notorious extortion group…
-
Salesforce alerts users to potential data exposure via Gainsight OAuth apps
Salesforce warns that unusual activity in Gainsight-linked OAuth apps may have enabled unauthorized access to some customers’ Salesforce data. Salesforce warned of unusual activity involving Gainsight-linked OAuth apps, noting that threat actors may have used these integrations to gain unauthorized access to some customers’ Salesforce data. “Salesforce has identified unusual activity involving Gainsight-published applications connected…
-
New Gainsight Supply Chain Hack Could Affect Salesforce Customers
Salesforce believes there has been unauthorized access to its customers’ data through the Gainsight app’s connection to its platform. First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/new-gainsight-supply-chain-hack/
-
Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity
Salesforce has warned of detected “unusual activity” related to Gainsight-published applications connected to the platform. “Our investigation indicates this activity may have enabled unauthorized access to certain customers’ Salesforce data through the app’s connection,” the company said in an advisory. The cloud services firm said it has taken the step of revoking all active access and refresh…
-
Salesforce cuts off access to third-party app after discovering ‘unusual activity’
Salesforce posted a message on its website saying an investigation revealed that the activity “may have enabled unauthorized access to certain customers’ Salesforce data through the app’s connection.” First seen on therecord.media. Jump to article: therecord.media/salesforce-cuts-off-access-to-third-party-unusual-activity
-
ShinyHunters Hack Salesforce Instances Via Gainsight Apps
Salesforce Revoked Gainsight Authentication Tokens. Customer relationship management giant Salesforce is again notifying customers that hackers may be stealing their data through a third-party app. The San Francisco company late Wednesday disclosed that apps published by Gainsight connected to Salesforce instances may have enabled unauthorized access. First seen on govinfosecurity.com. Jump to article: www.govinfosecurity.com/shinyhunters-hack-salesforce-instances-via-gainsight-apps-a-30087
-
The Changing Threat Landscape for Retailers: Why is data security working harder than last year?
Tags: access, ai, api, application-security, attack, automation, breach, business, cloud, compliance, container, control, credentials, cyber, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, exploit, finance, GDPR, hacker, ibm, incident, intelligence, Internet, malicious, malware, monitoring, PCI, phishing, privacy, programming, ransom, ransomware, regulation, risk, risk-management, saas, security-incident, service, social-engineering, software, strategy, supply-chain, tactics, threat, tool, unauthorized, vulnerability
The Changing Threat Landscape for Retailers: Why is data security working harder than last year? madhav, Thu, 11/20/2025, 08:37. It’s the 2025 holiday shopping season, and retailers everywhere are geared up for the rush of online customers. From late November to January, which includes Black Friday, Cyber Monday, Christmas shopping, and end-of-season sales, is…
-
NDSS 2025 Detecting And Interpreting Inconsistencies In App Behaviors
Session 3C: Mobile Security. Authors, Creators & Presenters: Chang Yue (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Kai Chen (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Zhixiu Guo (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Jun Dai, Xiaoyan Sun (Department of Computer Science,…
-
APIs, Microservices and Risk Management FireTail Blog
Tags: access, ai, api, attack, authentication, best-practice, breach, business, compliance, data, detection, encryption, endpoint, firewall, framework, GDPR, guide, injection, LLM, monitoring, network, programming, regulation, risk, risk-management, service, software, strategy, threat, tool, unauthorized, update
Nov 19, 2025 – Alan Fagan – Although microservices are widespread, they are often misunderstood by business leaders. While they present substantial benefits, they also have the potential to introduce new risks into the API environment. Understanding the benefits and risks of microservice utilization is a major step towards effective product development, so today, we’re…
-
API Security Essentials: A Comprehensive Checklist for Securing your API FireTail Blog
Tags: access, api, attack, authentication, breach, control, cyber, data, data-breach, defense, encryption, exploit, hacker, injection, malicious, network, open-source, penetration-testing, risk, risk-assessment, service, sql, threat, tool, unauthorized, vulnerability
Nov 19, 2025 – Alan Fagan – 1. Validating User Input. One of the cornerstones of API security is to validate user input. Failing to do so accurately can lead to security issues such as injection attacks and Cross-Site Scripting. When users send data to your API, no matter the type, it should be…
-
NDSS 2025 Understanding Miniapp Malware: Identification, Dissection, And Characterization
Session 3C: Mobile Security. Authors, Creators & Presenters: Yuqing Yang (The Ohio State University), Yue Zhang (Drexel University), Zhiqiang Lin (The Ohio State University). Paper: Understanding Miniapp Malware: Identification, Dissection, and Characterization. Super apps, serving as centralized platforms that manage user information and integrate third-party miniapps, have revolutionized mobile computing…
-
Misconfigured AI Agents Let Attacks Slip Past Controls
AppOmni Finds Now Assist Agents Could Trigger Unauthorized Actions. ServiceNow’s Now Assist agents could be manipulated through second-order prompt injection, enabling unauthorized record changes and data exposure despite protections, shows new research from AppOmni. The issue stemmed from default configurations that allow agents to invoke each other. First seen on govinfosecurity.com. Jump to article: www.govinfosecurity.com/misconfigured-ai-agents-let-attacks-slip-past-controls-a-30068
-
CISA Alerts on Fortinet FortiWeb Vulnerability Exploited in Real-World Attacks
Tags: attack, cisa, cyber, cybersecurity, exploit, flaw, fortinet, infrastructure, injection, unauthorized, vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical OS command injection vulnerability in Fortinet FortiWeb, warning that the flaw is actively being exploited in real-world attacks. The vulnerability, tracked as CVE-2025-58034, allows authenticated attackers to execute unauthorized code on affected systems through specially crafted HTTP requests or command-line interface…
-
ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts
Malicious actors can exploit default configurations in ServiceNow’s Now Assist generative artificial intelligence (AI) platform and leverage its agentic capabilities to conduct prompt injection attacks. The second-order prompt injection, according to AppOmni, makes use of Now Assist’s agent-to-agent discovery to execute unauthorized actions, enabling attackers to copy and exfiltrate sensitive… First seen on thehackernews.com. Jump to…
-
New FortiWeb 0-Day Code Execution Flaw Actively Exploited
Fortinet has disclosed a critical OS command injection vulnerability affecting multiple versions of FortiWeb that is currently being exploited in the wild. The flaw, tracked as CVE-2025-58034, allows authenticated attackers to execute unauthorized code on vulnerable systems through specially crafted HTTP requests or command-line interface commands.
Aspect: Details
CVE ID: CVE-2025-58034
Vulnerability Type: OS Command…
-
Eurofiber Data Breach Hackers Exploited Vulnerability to Exfiltrate Users’ Data
Tags: breach, cyber, cybersecurity, data, data-breach, exploit, finance, hacker, service, software, unauthorized, vulnerability
Eurofiber France has disclosed a significant cybersecurity incident detected on November 13, 2025, involving a software vulnerability in its ticket management platform and customer portals. The breach resulted in unauthorized data exfiltration affecting multiple service brands and regional divisions. However, the company reports that critical financial information and customer services remained secure throughout the incident.…
-
Comprehensive Guide to Risk-Based Authorization for Identity and Access Management
Learn how to implement risk-based authorization for enhanced security in identity and access management. Protect your applications from unauthorized access and data breaches. First seen on securityboulevard.com. Jump to article: securityboulevard.com/2025/11/comprehensive-guide-to-risk-based-authorization-for-identity-and-access-management/
-
CBO director testifies that hackers have been expelled from email systems
Officials at the Congressional Budget Office “have not observed further evidence of unauthorized access” to the legislative branch agency’s systems, Director Phillip Swagel told lawmakers. First seen on therecord.media. Jump to article: therecord.media/congressional-budget-office-director-testifies-hackers-expelled
-
Princeton University Data Breach: Donor Information Exposed in Compromised Database
Princeton University confirmed on November 15 that an Advancement database containing sensitive personal information about alums, donors, faculty members, students, parents, and other community members was compromised by outside actors on November 10. The unauthorized access lasted less than 24 hours before the institution’s security teams discovered and responded to the incident. The compromised database…
-
DoorDash Confirms Data Breach Compromised User Data
Tags: access, attack, breach, cyber, cybersecurity, data, data-breach, finance, social-engineering, unauthorized
DoorDash has publicly disclosed a cybersecurity incident in which an unauthorized third party gained access to specific user information through a targeted social engineering attack against one of the company’s employees. The company confirmed that while personal data was compromised, no sensitive financial information or identification documents were accessed during the breach. The incident represents…
-
DoorDash data breach exposes personal info after social engineering attack
Tags: attack, breach, cybersecurity, data, data-breach, email, phone, social-engineering, unauthorized
DoorDash says a social engineering attack led to a data breach exposing names, addresses, emails, and phone numbers of users, Dashers, and merchants. U.S.-based food delivery and logistics company DoorDash announced that a social engineering attack led to a data breach. “Our team recently identified and shut down a cybersecurity incident that involved an unauthorized…