Security
Headlines
HeadlinesLatestCVEs

Tag

#oauth

GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies

Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account. Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through June 2025. So far, 22 companies have confirmed they were impacted by a supply chain breach. "With

The Hacker News
Open in Source
#web#google#amazon#git#aws#oauth#auth#The Hacker News
⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More

Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the news—it’s knowing which risks matter most right now. That’s what this digest is here for: a clear, simple briefing to help you focus where it counts. This week, one story stands out above the rest: the

Salesloft Drift Breach Traced to GitHub Compromise and Stolen OAuth Tokens

Salesloft Drift breach traced to GitHub compromise and stolen OAuth tokens, Mandiant confirms breach contained and Salesforce data targeted.

ICE Has Spyware Now

Plus: An AI chatbot system is linked to a widespread hack, details emerge of a US plan to plant a spy device in North Korea, your job’s security training isn’t working, and more.

GHSA-6859-2qxq-ffv2: pgadmin4 is affected by a Cross-Origin Opener Policy (COOP) vulnerability

pgAdmin <= 9.7 is affected by a Cross-Origin Opener Policy (COOP) vulnerability. This vulnerability allows an attacker to manipulate the OAuth flow, potentially leading to unauthorised account access, account takeover, data breaches, and privilege escalation.

From summer camp to grind season

Bill takes thoughtful look at the transition from summer camp to grind season, explores the importance of mental health and reflects on AI psychiatry.

Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations

Salesloft on Tuesday announced that it's taking Drift temporarily offline "in the very near future," as multiple companies have been ensnared in a far-reaching supply chain attack spree targeting the marketing software-as-a-service product, resulting in the mass theft of authentication tokens. "This will provide the fastest path forward to comprehensively review the application and build

Cloudflare Confirms Data Breach Linked to Salesforce and Salesloft Drift

Cloudflare confirms a Salesforce-linked data breach via Salesloft Drift, exposing customer support case data but leaving core systems…

Palo Alto Networks, Zscaler and PagerDuty Hit in Salesforce Linked Data Breaches

Hackers exploited the Salesloft Drift app to steal OAuth tokens and access Salesforce data, exposing customer details at…

JSON Config File Leaks Azure ActiveDirectory Credentials

In this type of misconfiguration, cyberattackers could use exposed secrets to authenticate directly via Microsoft’s OAuth 2.0 endpoints and infiltrate Azure cloud environments.