Threat actors had access to Salesloft’s GitHub account between March and June 2025 and performed reconnaissance.

Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in ...

Cloudflare last week pinned the attack on a threat group it tracks as GRUB1 that aligns with UNC6395. And it's suspected that ...

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...

Salesloft has revealed that threat actors targeted customer Salesforce data after breaching its GitHub account ...

Security investigators from Google said UNC6395 hackers spent several months running through Salesloft and Drift systems before launching a data breach campaign that some security researchers say has ...

Millions of users of GitHub, the premier online platform for sharing open-source software, rely on stars to establish their ...

Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through June 2025. It's currently not ...

Platform's staffer complains security review was 'rushed' Microsoft-owned collaborative coding platform GitHub is deepening ...

This is pure vibe coding, as good as it gets, because although you can edit the GitHub Spark output in its code view, you’re much more likely to change or refine its prompts to get the application you ...

Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...

The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...