SECURITY ALERT:

OAuth abuse: lessons from the Salesloft-drift breach

  • Login
  • Contact Us
CheckRed Security logo
  • Home
  • Platform
        • SSPMProtect your SaaS applications from security risks
        • DNSPMFull visibility & control over all DNS providers
        • CSPMDetect security misconfigurations in your cloud
        • CIEMSafeguard your cloud identities and entitlements
        • Continuous ComplianceAchieve regulatory compliance with custom frameworks
        • IntegrationsImprove collaboration with our integration capabilities
        • CWPPProtect all layers of your cloud workloads
        • CNAPPSecure 100% of your cloud with a single platform
        • KSPMSecure all your Kubernetes clusters
        • ADPMDetect Active Directory vulnerabilities
        • Identity PostureGovern all identities – human & non-human
        • ITDRReal-time SaaS identity threat detection & response
  • Solutions
        • SaaS Apps

        • Microsoft 365
        • Salesforce
        • ServiceNow
        • Okta
        • Other Supported Apps
        • Cloud Apps

        • Amazon Web Services
        • Microsoft Azure
        • Google Cloud
        • Akamai Linode
        • Multi-cloud
  • Use Cases
        • By Capability

        • 360° Asset Visibility
        • Misconfiguration Assessment
        • Identity and Access Management (IAM)
        • 3rd Party App Management
        • Alert Prioritization
        • Guided Remediation
        • Continuous Compliance Assessment
        • By Industry

        • Finance
        • Healthcare
        • MSSP
        • Technology
        • Other
        • By Role

        • CISO
        • CIO
        • CTO
        • Analysts
  • Resources
    • Blog
    • White Papers
    • Use Cases
    • Case Studies
    • Datasheets
    • In The News
  • Company
    • About Us
    • Testimonials
    • Careers
    • Contact Us
    • Partner Login
  • Partners
  • Get a Demo
  • Login
  • Contact Us

Blog

Back To All Resources
When OAuth Tokens Go Rogue: Lessons from the Salesloft–Drift Breach

When OAuth Tokens Go Rogue: Lessons from the Salesloft–Drift Breach

Sep 3, 2025

In August 2025, attackers exploited the Salesloft-Drift OAuth integration to compromise over 700 organizations' Salesforce...

read more
Columbia University Breach Exposes 870,000 Records: The Case for Unified Cloud and SaaS Security

Columbia University Breach Exposes 870,000 Records: The Case for Unified Cloud and SaaS Security

Aug 28, 2025

When news broke that Columbia University suffered a cyberattack affecting nearly 870,000 individuals, the scale immediately...

read more
26 Million Resumes Exposed – What the TalentHook Breach Teaches Us About Cloud Misconfigurations

26 Million Resumes Exposed – What the TalentHook Breach Teaches Us About Cloud Misconfigurations

Aug 21, 2025

When jobseekers upload their resumes online, they expect them to be viewed only by recruiters and employers. But for nearly...

read more
Why DNS Is Becoming the Next Malware Delivery Channel

Why DNS Is Becoming the Next Malware Delivery Channel

Aug 18, 2025

For decades, the Domain Name System (DNS) has quietly served as the backbone of the internet, translating user-friendly...

read more
What Microsoft’s DDoS Outage Reveals About Hidden DNS Risks

What Microsoft’s DDoS Outage Reveals About Hidden DNS Risks

Jul 28, 2025

When Microsoft confirmed that a distributed denial-of-service (DDoS) attack had caused a nearly eight-hour disruption...

read more
6 Cloud and SaaS Security Missteps That Can Leave Grocery Shelves Empty

6 Cloud and SaaS Security Missteps That Can Leave Grocery Shelves Empty

Jul 22, 2025

In recent months, thousands of shoppers across Minnesota encountered an all-too-familiar pandemic-era sight: empty grocery...

read more
Typosquatting by the Thousands: What LabHost Taught Us About DNS Blind Spots

Typosquatting by the Thousands: What LabHost Taught Us About DNS Blind Spots

Jul 14, 2025

When the FBI issued its FLASH alert on April 29, 2025, it revealed a massive phishing-as-a-service (PhaaS) campaign known...

read more
Homoglyph Attacks & Domain Squatting: The Hidden Risk to Your Brand

Homoglyph Attacks & Domain Squatting: The Hidden Risk to Your Brand

Jul 2, 2025

Cybercriminals are getting smarter—and stealthier. One of the most dangerous and overlooked threats to your brand is...

read more
What the TCS Domain Hijack Still Teaches Us About DNS Security

What the TCS Domain Hijack Still Teaches Us About DNS Security

Jun 30, 2025

In 2010, Tata Consultancy Services (TCS), India’s largest software services company, found its main website, tcs.com,...

read more
Page 1 of 1412345...Next →Last Page
CheckRed Security logo

Inspect misconfigurations. Meet compliance requirements. Analyze risks.
An all-in-one platform for cloud, SaaS and DNS security!

Follow us on

  • Platforms
    • SSPM
    • DNSPM
    • CSPM
    • CIEM
    • CWPP
    • CNAPP
    • ITDR
    • Continuous Compliance
    • Integrations
  • SaaS Security
    • Microsoft 365
    • Salesforce
    • ServiceNow
    • Okta
    • Other Supported Apps
  • Cloud Security
    • Amazon Web Services (AWS)
    • Microsoft Azure
    • Google Cloud
    • Akamai Linode
    • Multi-cloud
  • Company
    • About Us
    • Careers
    • Contact Us
    • Resources
    • Support
Top Infosec Awards certification logo
Top Infosec Awards
SOC 2 Compliant certification logo
SOC 2 Compliant
 ISO 27001 Certified certification logo
ISO 27001 Certified
 CSA Member
CSA Member
 CSA Member
Star Level 1
© 2025 CheckRed. All Rights Reserved.
  • Privacy Policy