Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Drift Attackers Gained Entry via a Salesloft GitHub Account

Attackers exploited a GitHub breach to steal OAuth tokens, compromising Salesforce data across 22 organizations in a coordinated supply chain attack tracked by Google and Mandiant.

Summary by The Register
: Meanwhile the victim count grows

7 Articles

The RegisterThe Register
Center

Drift attackers gained entry via a Salesloft GitHub account

: Meanwhile the victim count grows

Read Full Article
TechCrunchTechCrunch
Center

Salesloft says Drift customer data thefts linked to March GitHub account hack

The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the breach.

·United States
Read Full Article
The Hacker NewsThe Hacker News

GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies

Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account. Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through June 2025. So far, 22 companies have confirmed they were impacted by a supply chain breach. "With

Read Full Article
Help Net SecurityHelp Net Security

Salesloft Drift data breach: Investigation reveals how attackers got in - Help Net Security

The attack that resulted in the Salesloft Drift data breach started with the compromise of the company’s GitHub account, Salesloft confirmed this weekend. Supply chain compromise On August 26, the company publicly revealed that earlier that month, a threat actor exfiltrated data from their customers’ Salesforce instances by leveraging stolen OAuth credentials that enable the integration of their Drift (Salesloft) chatbot with said instances. Goo…

Read Full Article
unsafe.shunsafe.sh

More Cybersecurity Firms Affected by Salesforce-Salesloft Drift Vulnerability Attack

This article explains the meaning and common causes of HTTP error code 521. This error is often associated with CDN services (such as Cloudflare), indicating that the CDN cannot connect to the website server. Common causes include server misconfiguration, DNS settings issues, or server overload. Solutions include checking server status, optimizing configuration, or contacting the CDN provider for assistance.

Read Full Article
HackReadHackRead

Salesloft Drift Breach Traced to GitHub Compromise and Stolen OAuth Tokens

Salesloft Drift breach traced to GitHub compromise and stolen OAuth tokens, Mandiant confirms breach contained and Salesforce data targeted.

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

cybernoz.com broke the news in on Sunday, September 7, 2025.
Sources are mostly out of (0)

Similar News Topics

Google icon

Google

Cyber Security icon

Cyber Security

News
For You
SearchBlindspotLocal