Morgan Stanley Boosts Nvidia and Broadcom Targets as AI Demand Surges 
EU Prepares Antitrust Probe Into Meta’s AI Integration on WhatsApp 
Sam Altman Reportedly Explored Funding for Rocket Venture in Potential Challenge to SpaceX 
Apple Leads Singles’ Day Smartphone Sales as iPhone 17 Demand Surges 
Vietnam’s Growing Use of Chinese 5G Technology Raises Western Concerns 
Nexperia Urges China Division to Resume Chip Production as Supply Risks Mount 
Proxy Advisors Urge Vote Against ANZ’s Executive Pay Report Amid Scandal Fallout 
Firelight Launches as First XRP Staking Platform on Flare, Introduces DeFi Cover Feature 
Baidu Cuts Jobs as AI Competition and Ad Revenue Slump Intensify 
Tesla Faces 19% Drop in UK Registrations as Competition Intensifies 
Trump Administration to Secure Equity Stake in Pat Gelsinger’s XLight Startup 
AI-Guided Drones Transform Ukraine’s Battlefield Strategy 
Senate Sets December 8 Vote on Trump’s NASA Nominee Jared Isaacman 
Anthropic Reportedly Taps Wilson Sonsini as It Prepares for a Potential 2026 IPO 
Samsung Launches Galaxy Z TriFold to Elevate Its Position in the Foldable Smartphone Market 
Intel Boosts Malaysia Operations with Additional RM860 Million Investment 
ExxonMobil to Shut Older Singapore Steam Cracker Amid Global Petrochemical Downturn 
Salesforce announced that it is investigating unusual activity involving Gainsight-published applications after discovering that the integrations may have exposed certain customers’ Salesforce data. According to a statement posted on Salesforce’s status portal, the affected applications — which customers install and manage within their own environments — may have enabled unauthorized access to customer data. As a precaution, Salesforce revoked all active access to Gainsight’s apps. The company emphasized that there is currently no evidence suggesting the incident stemmed from a vulnerability in the Salesforce platform itself.
Gainsight acknowledged the situation on its website, confirming that it is working closely with Salesforce to understand the activity that prompted the revocation of access tokens for its applications. While Gainsight did not immediately respond to further inquiries, the incident has already raised concerns about the broader risks associated with software integrations across cloud platforms.
Cybersecurity experts note that attackers are increasingly targeting third-party integrations rather than core platforms. These integrations often hold powerful permissions, making them valuable entry points for unauthorized access. Jaime Vasco, cofounder of Nudge Security, highlighted this shift, explaining that attackers can exploit privileged integrations without compromising a company’s main infrastructure. He described this trend as a new and expanding attack surface.
Recent incidents across the tech ecosystem underscore this pattern. Just last month, Google revealed that a security weakness within Oracle’s E-Business Suite had potentially impacted more than 100 organizations. Earlier this year, Google also reported that hackers tricked employees of Salesforce customers into downloading a modified version of Salesforce’s Data Loader tool, granting attackers access to sensitive data.
As Salesforce and Gainsight continue their investigation, the incident serves as a reminder of the growing importance of securing third-party integrations within cloud environments. Companies relying on SaaS tools must enhance their monitoring and adopt tighter controls to prevent unauthorized access through privileged integrations.
