Tag: unmanaged oauth grants

1 article

Computer screen displays OAuth integration interface in a CRM workspace.

OAuth Grants Expose Hidden Attack Vector in Enterprise Workspaces

Unmanaged OAuth grants are a ticking time bomb in enterprise workspaces, with 80% of security leaders recognizing them as a critical or significant risk. A recent attack by threat actor UNC6395 exploited valid OAuth refresh tokens to breach Salesforce environments of over 700 organizations, highlighting the devastating consequences of neglecting OAuth security.

Analyst 207May 5, 2026