https://cybercrime.club/tags/salesloft/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usSun, 03 May 2026 10:00:00 -0400https://cybercrime.club/deep-dives/oauth-pivot-saas-supply-chain-2026/Sun, 03 May 2026 10:00:00 -0400https://cybercrime.club/deep-dives/oauth-pivot-saas-supply-chain-2026/Salesloft Drift industrialized it. UNC6040 weaponized vishing into it. Vercel and Context.ai proved it pivots through Google Workspace. The pattern is the same: a third-party SaaS gets popped, the attacker inherits its OAuth grants, and your password reset does absolutely nothing.