News
4don MSN
GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign
Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...
Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...
The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...
Threat actors had access to Salesloft’s GitHub account between March and June 2025 and performed reconnaissance.
Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in ...
The integration between Salesforce and the Salesloft platform has been restored after an investigation by Mandiant linked an ...
Salesloft has revealed that threat actors targeted customer Salesforce data after breaching its GitHub account ...
Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through June 2025. It's currently not ...
A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of ...
The Register on MSN5d
Drift massive attack traced back to loose Salesloft GitHub account
Meanwhile the victim count grows The Salesloft Drift breach that compromised "hundreds" of companies including Google, Palo ...
Security investigators from Google said UNC6395 hackers spent several months running through Salesloft and Drift systems before launching a data breach campaign that some security researchers say has ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback