Cloud-native systems now create far more machine identities than human ones. Security strategies built around workforce identity are no longer sufficient. Here’s what engineering leaders should build instead.
The Breach That Didn’t Need a Password
On August 8, 2025, a threat actor now tracked by Google’s Threat Intelligence Group as UNC6395 began quietly moving through the Salesforce instances of hundreds of companies. No phishing email landed in an inbox that day. No password was cracked. No multi-factor prompt was bypassed with a fatigue attack. The attacker simply had something better than a password: a valid OAuth token, stolen months earlier from Salesloft’s GitHub account, that let it impersonate the Drift chatbot integration and act with all the trust that integration had been granted.
![]()
Read the original article: