Access tokens strike again, the Salesloft Drift breach
Attackers (UNC6395) used stolen Drift OAuth tokens to mass‑query Salesforce, mine embedded secrets (AWS, Snowflake), and pivot into connected platforms.

Identity is the most common vector for data breaches and lateral movement. SlashID allows you to build a secure, compliant, and scalable identity infrastructure.
Threat and posture detection and remediation for all your users and non-human identities.
Easily understand who has access to what across different cloud providers and tools.
Enforce least privilege, revoke risky credentials and integrate with your SOAR and SIEM tools.
View, detect and remediate identity events across all your environments.
Identity is the most used attack vector for initial intrusion and lateral movement. Posture management and governance are not enough.
View the identity map of your entire organization and easily understand ownership and access patterns. Easily enforce least privilege and credential ownership.
Comply with regulatory frameworks such as PCI-DSS, SOC2 and others. Obtain ready to use reports and audit-ready access logs.
Attackers (UNC6395) used stolen Drift OAuth tokens to mass‑query Salesforce, mine embedded secrets (AWS, Snowflake), and pivot into connected platforms.
Attackers are increasingly targeting Entra ID by silently injecting high-privilege OAuth grants and backdooring enterprise apps—achieving persistence without user interaction.
Several Chrome extension developers were compromised in recent weeks by an attack seeking to create a backdoor in the extensions.