
"For security and IT teams, the challenge is not just keeping up with the news - it's knowing which risks matter most right now. That's what this digest is here for: a clear, simple briefing to help you focus where it counts. This week, one story stands out above the rest: the Salesloft-Drift breach, where attackers stole OAuth tokens and accessed Salesforce data from some of the biggest names in tech. It's a sharp reminder of how fragile integrations can become the weak link in enterprise defenses."
"Salesloft announced that it's taking Drift temporarily offline 'in the very near future,' as multiple companies have been caught up in a far-reaching supply chain attack spree targeting the marketing software-as-a-service product, resulting in the mass theft of authentication tokens. 'This will provide the fastest path forward to comprehensively review the application and build additional resiliency and security in the system to return the application to full functionality,' the company said."
Cyber threats evolve weekly, bringing new vulnerabilities, exploits, and lessons for defenders. Attackers stole OAuth tokens from a Salesloft-Drift integration and accessed Salesforce data belonging to multiple large technology companies. Cloudflare, Google Workspace, PagerDuty, Palo Alto Networks, Proofpoint, SpyCloud, Tanium, Tenable, and Zscaler confirmed they were affected. The campaign has been attributed to UNC6395/GRUB1. Organizations are facing active exploitation of high-risk CVEs and continued activity from advanced threat actors. Security teams need prioritized risk triage and less noisy workflows. The emphasis is on securing integrations, reviewing authentication token handling, and improving resiliency in supply-chain-dependent services.
Read at The Hacker News