Topic: reconnaissance activities
-
Salesloft Links Drift Data Theft to March GitHub Hack
A data breach at Salesloft originated from a March intrusion into its GitHub account, allowing attackers to steal authentication tokens and target major tech clients over several months. The attackers used stolen OAuth tokens to infiltrate companies like Google and Cloudflare via Salesloft's AWS ...
Read More » -
Ransomware Groups Pivot as Victims Stop Paying
Ransomware payment rates have plummeted to just 23% in Q3 2025, significantly undermining the financial model of cybercriminals and marking a victory for cybersecurity efforts. Attackers are increasingly relying on social engineering tactics like insider threats, helpdesk impersonation, and callb...
Read More » -
Salesloft & Drift Breach: How Attackers Infiltrated Systems
A cybersecurity breach at Salesloft began with unauthorized access to its GitHub account, leading to data theft from customer Salesforce instances via stolen OAuth credentials from the Drift platform. The attack, attributed to threat group UNC6395, targeted sensitive credentials like AWS keys and...
Read More » -
Active Attacks Exploit Critical WSUS Flaw in Windows Server
Actively exploited critical vulnerabilities (CVE-2025-59287) in Windows Server Update Services (WSUS) allow remote code execution and system takeover, requiring immediate emergency patching. Microsoft has released out-of-band security updates for all affected Windows Server versions and recommend...
Read More »
