Trump Criticizes EU’s €120 Million Fine on Elon Musk’s X Platform 
EU Court Cuts Intel Antitrust Fine to €237 Million Amid Long-Running AMD Dispute 
Westpac Director Peter Nash Avoids Major Investor Backlash Amid ASX Scrutiny 
Microsoft Unveils Massive Global AI Investments, Prioritizing India’s Rapidly Growing Digital Market 
IBM Nears $11 Billion Deal to Acquire Confluent in Major AI and Data Push 
JD.com Pledges 22 Billion Yuan Housing Support for Couriers as China’s Instant Retail Competition Heats Up 
Moore Threads Stock Slides After Risk Warning Despite 600% Surge Since IPO 
Taiwan Opposition Criticizes Plan to Block Chinese App Rednote Over Security Concerns 
Intel’s Testing of China-Linked Chipmaking Tools Raises U.S. National Security Concerns 
United Airlines Flight to Tokyo Returns to Dulles After Engine Failure During Takeoff 
SoftBank Shares Slide as Oracle’s AI Spending Plans Fuel Market Jitters 
EssilorLuxottica Bets on AI-Powered Smart Glasses as Competition Intensifies 
Mizuho Raises Broadcom Price Target to $450 on Surging AI Chip Demand 
ADB Approves $400 Million Loan to Boost Ease of Doing Business in the Philippines 
SK Hynix Labeled “Investment Warning Stock” After Extraordinary 200% Share Surge 
Rio Tinto Signs Interim Agreement With Yinhawangka Aboriginal Group Over Pilbara Mining Operations 
Air Force One Delivery Delayed to 2028 as Boeing Faces Rising Costs 
Salesforce announced that it is investigating unusual activity involving Gainsight-published applications after discovering that the integrations may have exposed certain customers’ Salesforce data. According to a statement posted on Salesforce’s status portal, the affected applications — which customers install and manage within their own environments — may have enabled unauthorized access to customer data. As a precaution, Salesforce revoked all active access to Gainsight’s apps. The company emphasized that there is currently no evidence suggesting the incident stemmed from a vulnerability in the Salesforce platform itself.
Gainsight acknowledged the situation on its website, confirming that it is working closely with Salesforce to understand the activity that prompted the revocation of access tokens for its applications. While Gainsight did not immediately respond to further inquiries, the incident has already raised concerns about the broader risks associated with software integrations across cloud platforms.
Cybersecurity experts note that attackers are increasingly targeting third-party integrations rather than core platforms. These integrations often hold powerful permissions, making them valuable entry points for unauthorized access. Jaime Vasco, cofounder of Nudge Security, highlighted this shift, explaining that attackers can exploit privileged integrations without compromising a company’s main infrastructure. He described this trend as a new and expanding attack surface.
Recent incidents across the tech ecosystem underscore this pattern. Just last month, Google revealed that a security weakness within Oracle’s E-Business Suite had potentially impacted more than 100 organizations. Earlier this year, Google also reported that hackers tricked employees of Salesforce customers into downloading a modified version of Salesforce’s Data Loader tool, granting attackers access to sensitive data.
As Salesforce and Gainsight continue their investigation, the incident serves as a reminder of the growing importance of securing third-party integrations within cloud environments. Companies relying on SaaS tools must enhance their monitoring and adopt tighter controls to prevent unauthorized access through privileged integrations.
