A SaaS Security nightmare for IT managers everywhere recently came true. Attackers leveraged legitimate OAuth tokens from Salesloft’s Drift chatbot integration with Salesforce to silently exfiltrate customer data from the popular CRM platform, according to Google Threat Intelligence Group. The sophisticated attack exposes a critical blind spot that most security teams don’t even know they have. When SaaS Integrations Become Attack Vectors Between August 8-18, 2025, the threat actor Google calls UNC6395 targeted the OAuth-based connection between Drift and Salesforce—an integration that thousands of sales teams rely on daily to sync marketing conversations and lead data. The attacker understood a […]
The post The Drift–Salesforce Attack: Time to Rethink Your SaaS Security appeared first on Check Point Blog.
Read the original article: