Drift

2026-05-03
The OAuth Pivot: How SaaS-to-SaaS Trust Became the 2026 Supply Chain Attack
Salesloft Drift industrialized it. UNC6040 weaponized vishing into it. Vercel and Context.ai proved it pivots through Google Workspace. The pattern is the same: a third-party SaaS gets popped, the attacker inherits its OAuth grants, and your password reset does absolutely nothing.
oauth saas-supply-chain salesforce google-workspace unc6040 shinyhunters vercel salesloft drift connected-app refresh-token opinion

The OAuth Pivot: How SaaS-to-SaaS Trust Became the 2026 Supply Chain Attack