Cybersecurity company Zscaler has disclosed that it suffered a data breach after threat actors gained access to its Salesforce instance and stole customer information, including the contents of support cases. Bleeping Computer reports: This warning follows the compromise of Salesloft Drift, an AI chat agent that integrates with Salesforce, in which attackers stole OAuth and refresh tokens, […]
Another Salesloft Drift-related breach has been disclosed. Seucrity Affairs reports: Zscaler discloses a data breach that is linked to the recent Salesloft Drift attack. The cybersecurity vendor confirmed it was affected by a campaign targeting Salesloft Drift, a marketing SaaS integrated with Salesforce. Threat actors stole OAuth tokens from the company, the incident impacted multiple Salesforce […]
Updated September 1, 2025: Google issued a warning to all Gmail users, but then responded to headlines suggesting that there was any urgent problem or major security concern. Read Geekspin’s coverage, below, and then Google’s statement from September 1. Cyber threat looms for Gmail users following Salesforce data breach Google has issued a stark warning […]
China’s Salt Typhoon cyberspies hoovered up information belonging to millions of people in the United States over the course of the years-long intrusion into telecommunications networks, according to what a top FBI cyber official told The Register: “There’s a good chance this espionage campaign has stolen information from nearly every American,” Michael Machtinger, deputy assistant […]
The company behind the Claude chatbot said it caught a hacker using its chatbot to identify, hack and extort at least 17 companies. NBC News reports: A hacker has exploited a leading artificial intelligence chatbot to conduct the most comprehensive and lucrative AI cybercriminal operation known to date, using it to do everything from find […]
Customers are targeted through compromised OAuth access tokens from Salesloft Drift integrations. IT Pro reports: Google’s Threat Intelligence Group (GTIG) has revealed that hackers harvested user credentials from Salesforce customers in a widespread campaign during the first half of this month. The attacker, tracked as UNC6395, targeted Salesforce customer instances through compromised OAuth tokens associated […]
TransUnion has mailed out notification letters to more than 4.4 million U.S. persons affected by a breach at a third-party application. In its notification to state attorneys general in Maine and California, TransUnion reported that the incident occurred on July 28, 2025, and they learned of it on July 30, 2025. The attack did not […]
HuffPost reports: Acolytes of former White House adviser Elon Musk ignored privacy warnings and mishandled sensitive Social Security information, according to a whistleblower complaint filed Tuesday. Officials from the so-called Department of Government Efficiency potentially put hundreds of millions of Americans’ sensitive information at risk by copying a critical Social Security database and uploading it to an […]
The Record reports: A cyberattack took down systems, websites and phone lines used by the state government of Nevada after an incident on Sunday morning. Nevada governor Joe Lombardo released a statement on Monday afternoon telling the public that emergency services are still available but the network incident “continues to impact the availability of certain […]
USA Herald reports: Tech conglomerate Fortive Corp. has agreed to a $3 million settlement to resolve a sweeping class action after two ransomware attacks in 2023 exposed the personal data of more than 34,000 individuals, according to a Washington federal judge’s preliminary approval. U.S. District Judge Richard A. Jones, presiding in Seattle, signed off Thursday on the […]
