Attackers have exploited OAuth tokens tied to third-party integrations (for example, Salesloft's Drift AI chat tool) to pivot into Salesforce environments and harvest metadata, credentials, AWS keys, and Snowflake tokens.
medium
cybersecurity-technical
Describes a technique used to compromise cloud CRM environments and escalate access to sensitive credentials and tokens.