This repository delivers a shaded OSGi bundle of a Google Auth Library for Java - OAuth2 HTTP artifact for running inside the Sling Rocket environment. To run the bundle delivered by this repository, ...

This library provides OAuth authentication for MCP servers using a flexible connector pattern. It handles the complete OAuth flow for any OAuth provider and provides an authenticated /mcp endpoint ...

Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in widespread Salesforce data theft attacks in August. Salesloft is a widely ...

In recent weeks, major companies like Palo Alto Networks, Zscaler, Cloudflare, and SpyCloud have all confirmed they were affected by a string of cyberattacks that began with Salesforce. Or at least, ...

The Salesloft Drift breach isn’t slowing down; it’s accelerating and growing daily. As the investigation matured, the core exfiltration window has been narrowed to mid-August, with disclosures still ...

Salesloft on Tuesday announced that it's taking Drift temporarily offline "in the very near future," as multiple companies have been ensnared in a far-reaching supply chain attack spree targeting the ...

Palo Alto Networks is writing to customers that may have had commercially sensitive data exposed after criminals used stolen OAuth credentials lifted from the Salesloft Drift break-in to gain entry to ...

The North Korea-linked threat actor known as the Lazarus Group has been attributed to a social engineering campaign that distributes three different pieces of cross-platform malware called PondRAT, ...

The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many ...

OAuth 2.1 is the officially mandated authorization standard in the Model Context Protocol (MCP) specifications. According to the official documentation, authorization servers must implement OAuth 2.1 ...