News
The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...
32m
Salesforce platforms are being cracked open for data theft - FBI warns of UNC6040 and UNC6395 IOCs
The FBI labeled this group as UNC6395 and apparently, it struck some of the biggest tech and security organizations, ...
Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in ...
Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed ...
Cloudflare last week pinned the attack on a threat group it tracks as GRUB1 that aligns with UNC6395. And it's suspected that ...
Threat actors had access to Salesloft’s GitHub account between March and June 2025 and performed reconnaissance.
Various human-element breach types and tactics will spring up in the coming weeks and months based on the data that was extracted, requiring specific tech and process controls. Your email, messaging, ...
The Salesloft Drift breach exposed SaaS integration risks. Learn how attackers gained access and what steps businesses must ...
Turns out your biggest breach risk might come from a vendor’s acquisition — and an old OAuth token you didn’t even know ...
Google is advising users of the Salesloft Drift AI chat agent to consider all security tokens connected to the platform ...
Proofpoint, SpyCloud, Tanium, and Tenable confirmed that hackers accessed information stored in their Salesforce instances.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback