Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Salesforce
Attackers are turning Salesforce trust into their biggest weapon

Salesforce has become a major target for attackers in 2025, according to new WithSecure research into threats affecting customer relationship management (CRM) platforms. The …

Cloudflare
Cloudflare confirms data breach linked to Salesloft Drift supply chain compromise

Cloudflare has also been affected by the Salesloft Drift breach, the US web infrastructure and security company confirmed on Tuesday, and the attackers got their hands on 104 …

breach
Zscaler, Palo Alto Networks, SpyCloud among the affected by Salesloft Drift breach

In the wake of last week’s revelation of a breach at Salesloft by a group tracked by Google as UNC6395, several companies – including Zscaler, Palo Alto Networks, …

Salesforce
Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius

A threat group Google tracks as UNC6395 has pilfered troves of data from Salesforce corporate instances, in search of credentials that can be used to compromise those …

Microsoft 365 phishing
Attackers phish OAuth codes, take over Microsoft 365 accounts

Suspected Russian threat actors are using OAuth-based phishing attacks to get targets to grant them access to their Microsoft 365 (M365) accounts. “The primary tactics …

GitHub
GitHub project maintainers targeted with fake security alert

A phishing campaign targeting GitHub account owners has been trying to scare them with a fake security alert into allowing a malicious OAuth app access to their account and …

Nudge Security
Product showcase: How to track SaaS security best practices with Nudge Security

As technology adoption has shifted to be employee-led, IT and security teams are contending with an ever-expanding SaaS attack surface. At the same time, they are often spread …

OAuth
How threat actors abuse OAuth apps

OAuth apps have become prominent in several attack groups’ TTPs in recent years. OAuth apps are used for every part of the attack process. In this Help Net Security …

OAuth
3 ways to combat rising OAuth SaaS attacks

OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine …

Microsoft
Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns

Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications …

email
Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts

Malicious third-party OAuth apps with an evident “Publisher identity verified” badge have been used by unknown attackers to target organizations in the UK and …

hand
Attackers connect rogue devices to organizations’ network with stolen Office 365 credentials

Attackers are trying out a new technique to widen the reach of their phishing campaigns: by using stolen Office 365 credentials, they try to connect rogue Windows devices to …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools