2026年5月13日～19日にアメリカ、カリフォルニアで開催されたPythonの年次国際カンファレンス 「PyCon US 2026」 に参加してきたので、その様子を2回にわたってレポートします。 PyCon US 2026とは PyCon ...

An attacker broke into competitive-intelligence vendor Klue, stole OAuth tokens its customers use to connect to Salesforce ...

AIエージェントの普及に伴い、複数のアプリと自律連携する際のリスクや、既存の OAuth による認可管理の分断が課題となっています。これに対し Okta は、認可管理を IdP 側に委譲して一元管理する「Cross App ...

Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect to customers' Salesforce environments, as the new ...

Model Context Protocol（MCP）コミュニティは、企業向け認可仕様の安定版「Enterprise-Managed Authorization（EMA）」を公開した。これにより、AIエージェントがユーザーの介入なしに、OktaやAnthropic、Visual Studio Codeなどのツールと安全に連携できるようになる。

Salesforce disabled Klue Battlecards integration after attackers used compromised OAuth tokens to access customer CRM data ...

Salesforce disabled connections to its customer relationship management environment from third-party app Klue Battlecards as ...

More Salesforce instances have been breached by threat actors abusing a third-party application integration, this time through Klue's Battlecards app. The attacks, which are the latest in a series of ...

Google fixed a Vertex AI SDK flaw in v1.148.0 after Unit 42 showed bucket squatting could enable model hijacking and code ...

Credential theft fell to 13% of breach vectors in 2026. Attackers now bypass MFA via help desk resets and OAuth token theft. Five attack surfaces mapped.

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...