Safeguard
Tag

salesforce

Safeguard articles tagged "salesforce" — guides, analysis, and best practices for software supply chain and application security.

5 articles

Threat Intelligence

The Klue Breach: One Legacy Credential Turned Into a SaaS Supply Chain Attack on Salesforce and Gong

Attackers used a disused legacy credential at marketing-intelligence vendor Klue to push code that harvested customer OAuth tokens, then walked into Salesforce and Gong instances. A textbook SaaS-to-SaaS supply chain pivot.

Jun 17, 20266 min read
Threat Intelligence

OAuth Token Theft: The SaaS-to-SaaS Supply Chain Is the New Soft Target

The Klue and Salesloft Drift breaches showed the same pattern: steal one integration's OAuth tokens, inherit trusted access into hundreds of customer SaaS instances. Here is why third-party app grants are the supply chain risk most teams still aren't governing.

Jun 8, 20267 min read
Data Breach

Carnival Data Breach (May 2026): 5.99M Records Lost via Salesforce Social Engineering

Carnival confirmed a breach affecting nearly 6 million people on May 28, 2026, after an attacker socially engineered an employee into granting access to its IT environment. Here is the verified chain and what defenders should do.

May 28, 202611 min read
Data Breach

Odido Telecom Breach: 6.2M Dutch Customers, Salesforce, and No Compensation (May 2026)

Odido, the Netherlands' largest mobile operator, exposed 6.2 million customers' data, including IBANs and ID details, via a vishing-driven Salesforce intrusion. In May 2026 the company ruled out compensation as mass claims mounted.

May 12, 202610 min read
Incident Analysis

Salesloft Drift OAuth Breach: 700+ Salesforce Tenants Compromised

UNC6395 stole Salesloft Drift OAuth tokens to exfiltrate Salesforce data from more than 700 organisations including Cloudflare, Zscaler, and Palo Alto Networks in August 2025.

Sep 8, 20256 min read
salesforce — Safeguard Blog