Back to List
Industry NewsCybersecurityAIData Security

Attackers Exploit CX Platform AI Blind Spots to Compromise 700+ Organizations, Bypassing Approved SOC Defenses

A critical security vulnerability in Customer Experience (CX) platforms, often overlooked by Security Operations Centers (SOCs), has allowed attackers to compromise over 700 organizations. Attackers are poisoning the data fed into CX platform AI engines, which then trigger automated workflows connected to sensitive systems like payroll, CRM, and payment systems. The Salesloft/Drift breach in August 2025 exemplified this, where attackers accessed Salesforce environments across numerous organizations, including Cloudflare and Palo Alto Networks, by stealing OAuth tokens and scanning for AWS keys and plaintext passwords, all without deploying malware. Security leaders often miscategorize these platforms, failing to recognize their deep integration with critical business systems. This gap is exacerbated by the fact that while 98% of organizations have DLP programs, only 6% dedicate resources, and 81% of intrusions now use legitimate access, not malware. Cloud intrusions surged 136% in the first half of 2025, highlighting the urgent need to address input integrity once AI is integrated into workflows.

VentureBeat

Customer Experience (CX) platforms, which process billions of unstructured interactions annually through survey forms, review sites, social feeds, and call center transcripts, are feeding these vast datasets into AI engines. These AI engines subsequently trigger automated workflows that interact with critical business systems such as payroll, CRM, and payment systems. A significant security blind spot has emerged: Security Operation Center (SOC) leaders' existing tools do not inspect the data ingested by these CX platform AI engines. Attackers have identified and exploited this vulnerability by 'poisoning' the data, effectively making the AI perform the malicious actions on their behalf.

The Salesloft/Drift breach in August 2025 serves as a clear illustration of this attack vector. During this incident, attackers compromised Salesloft’s GitHub environment, subsequently stealing Drift chatbot OAuth tokens. This unauthorized access allowed them to infiltrate Salesforce environments across more than 700 organizations, including prominent names like Cloudflare, Palo Alto Networks, and Zscaler. Following the breach, the stolen data was scanned for sensitive credentials such as AWS keys, Snowflake tokens, and plaintext passwords. Notably, no malware was deployed in the attack, indicating a reliance on exploiting legitimate access and system functionalities.

This security gap is more pervasive than many security leaders currently acknowledge. According to Proofpoint’s 2025 Voice of the CISO report, which surveyed 1,600 CISOs across 16 countries, 98% of organizations have a data loss prevention (DLP) program in place, yet only a mere 6% allocate dedicated resources to it. Furthermore, CrowdStrike’s 2025 Threat Hunting Report highlights that 81% of interactive intrusions now leverage legitimate access credentials rather than deploying malware. The report also noted a significant surge in cloud intrusions, which increased by 136% in the first half of 2025.

Assaf Keren, Chief Security Officer at Qualtrics and former CISO at PayPal, emphasized the severity of this miscategorization in an interview with VentureBeat. He stated, “Most security teams still classify experience management platforms as ‘survey tools,’ which sit in the same risk tier as a project management app.” Keren stressed that this is a “massive miscategorization” because these platforms are now deeply integrated with HRIS, CRM, and compensation engines. Qualtrics alone processes 3.5 billion interactions annually, a figure that has doubled since 2023. The increasing integration of AI into workflows necessitates that organizations cannot afford to overlook steps related to input integrity.

Related News

Meituan Showcases AI Innovation at ACL 2026: Advancing LLM Evaluation and Reasoning Paradigms
Industry News

Meituan Showcases AI Innovation at ACL 2026: Advancing LLM Evaluation and Reasoning Paradigms

The Meituan Technical Team has achieved a significant milestone in the field of Natural Language Processing (NLP) with the acceptance of six research papers at ACL 2026, a premier international academic conference. These contributions span a diverse range of cutting-edge AI domains, including large language model (LLM) evaluation, complex process reasoning, and competition-level mathematical thinking optimization. Additionally, the research explores advancements in reinforcement learning and the emerging field of generative recommendation systems. By focusing on these critical technical directions, Meituan aims to establish a new generation paradigm for AI development. This achievement highlights the company's commitment to bridging the gap between theoretical research and practical industrial applications, ultimately enhancing the intelligence and efficiency of AI models across various specialized sectors.

Meituan Fulfillment AI Team Showcases Frontier Agent Technology and ACL 2026 Research Insights
Industry News

Meituan Fulfillment AI Team Showcases Frontier Agent Technology and ACL 2026 Research Insights

The Meituan Fulfillment AI Algorithm Team has unveiled its latest advancements in Large Language Model (LLM) Agent technology, specifically focusing on the integration of AI within Meituan's fulfillment business. By developing a self-evolving Agent operation system, the team leverages core technologies such as Continuous Pre-Training (CPT), Post-training, Agentic Reinforcement Learning (RL), and multimodal understanding. With a track record of numerous publications in top-tier conferences like ACL and EMNLP, this special session highlights their recent contributions to ACL 2026. The research emphasizes the practical application of AI agents to optimize operational efficiency and service delivery within the Meituan ecosystem, marking a significant step in industrial AI implementation and the evolution of autonomous business operations.

Google Faces Legal Action from Hachette and Scott Turow Over Gemini AI Training Data Usage
Industry News

Google Faces Legal Action from Hachette and Scott Turow Over Gemini AI Training Data Usage

Google is currently facing a significant lawsuit regarding the training data utilized for its Gemini AI models. The legal action has been initiated by high-profile plaintiffs, including the major global publishing house Hachette and the renowned author Scott Turow. The core of the dispute centers on the unauthorized use of copyrighted literary works to train Google's advanced generative artificial intelligence systems. This case represents a critical juncture in the ongoing conflict between technology companies and the creative industry, as authors and publishers seek to protect their intellectual property rights in the era of large-scale AI development. The outcome of this lawsuit could have lasting effects on how AI models are trained and how data is sourced across the tech industry.