In August 2025, attackers exploited the Salesloft-Drift OAuth integration to compromise over 700 organizations’ Salesforce instances. This wasn’t a direct vulnerability in Salesforce, but rather an ...

Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to get into Microsoft 365 accounts. Threat actors have cooked up a clever way ...

In today’s hyperconnected world, the average enterprise juggles more than a 1,000 applications—a number projected to increase dramatically as innovation accelerates. Research firm IDC estimates that 1 ...

A trio of ongoing campaigns have highlighted once again the continued popularity among cybercriminals of malicious OAuth apps as a go-to attack method. In one wave of recent attacks, threat actors ...

Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials. The campaigns were discovered by ...

IBM has revealed several severe vulnerabilities within its webMethods Integration Server, a platform widely utilized for integration and API management. These IBM webMethods Integration ...

IBM announced it has completed its acquisition of StreamSets and webMethods from Software AG after receiving all required regulatory approvals—bringing together leading capabilities in integration, ...

From a user's perspective, OAuth works like magic. In just a few keystrokes, you can whisk through the account creation process and gain immediate access to whatever new app or integration you're ...

MIAMI—Mission 500, the charitable organization dedicated to serving the needs of children and communities in crisis, has announced Nikki Nemarich of Axis Communications as its newest board member.

Written by Tamara Bailey, Content Marketing Specialist, AppOmni. Previous security breaches at Heroku and GitHub serve as stark reminders that OAuth token theft and inactive, overly permissive SaaS-to ...