An attacker broke into competitive-intelligence vendor Klue, stole OAuth tokens its customers use to connect to Salesforce and other platforms, and accessed data across multiple customer environments ...
Market intelligence platform Klue suffered a OAuth breach that enabled the "Icarus" threat actors to steal Salesforce CRM data from multiple organizations in an ongoing extortion campaign. Sources ...
More Salesforce instances have been breached by threat actors abusing a third-party application integration, this time through Klue's Battlecards app. The attacks, which are the latest in a series of ...
A new data-extortion group called Helix is using identity-focused tactics such as voice phishing (vishing), device code ...
Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. In this eMag, we try to establish agentic AI ...
Microsoft is extending Dataverse into coding-agent marketplaces while expanding its MCP tools, certification program and governance controls.
Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser ...
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading ...
Europe looks to fight any forced shutdown of AI The US ban on Anthropic’s latest models turned an unlikely ‘kill switch’ into a much more likely one. Is a world of AI shutdowns on the horizon? What ...
Microsoft Teams bot that ingests Microsoft Sentinel sign-on alerts and sends proactive Adaptive Card notifications for user verification. Capstone project built with UofG IT, including a STRIDE threat ...