The FBI has issued a FLASH alert warning that two threat clusters, tracked as UNC6040 and UNC6395, are compromising ...

Turns out your biggest breach risk might come from a vendor’s acquisition — and an old OAuth token you didn’t even know ...

Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in ...

An as-of-yet undiagnosed compromise of the Salesloft Drift AI-driven platform has led to a rash of stolen OAuth tokens, in turn creating downstream breaches at some of the biggest names in the ...

The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert to release indicators of compromise (IoCs) associated ...

The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...

Cloudflare last week pinned the attack on a threat group it tracks as GRUB1 that aligns with UNC6395. And it's suspected that ...

2025年8月发生的Salesloft Drift数据泄露事件堪称SaaS史上最严重的供应链攻击之一，展示了单一受损集成如何引发大规模组织数据暴露。威胁组织UNC6395通过利用OAuth令牌漏洞，获取了包括Cloudflare、Palo Alto ...

The Salesloft Drift breach exposed SaaS integration risks. Learn how attackers gained access and what steps businesses must ...

Lovesac年销售额达7.5亿美元，以模块化沙发和豆袋沙发知名，在全美拥有267家展厅。公司称在事件发生后的三天内控制住了局面，目前无证据表明数据被滥用。 RansomHub近年来多次攻击了大型企业，包括哈里伯顿、Rite Aid药店等。

Secure your Microsoft account, secure your PC. Make sure these account settings in particular are properly set!

SaaS supply chain attacks exploit SaaS-to-SaaS connections using stolen OAuth tokens. Get practical steps to reduce your risk ...