A widespread authentication token theft campaign targeted Salesforce instances via the Salesloft Drift platform, affecting organizations like Palo Alto Networks and Zscaler, with the threat actor exfiltrating data focusing on credentials and sensitive information. The incident highlights the need for enhanced security audits and stronger access controls to mitigate supply chain attacks.
Latest mentioned: 09-07
Earliest mentioned: 09-01
Sources
thecyberexpress.comsecurityboulevard.comdarkreading.comdatabreaches.netthehackernews.comsecurityaffairs.comgbhackers.cominfosecurity-magazine.combleepingcomputer.comhackread.comkrebsonsecurity.comtheregister.comtheregister.comgbhackers.cominfosecurity-magazine.comgbhackers.compaloaltonetworks.comsecurityaffairs.combleepingcomputer.comhackread.combleepingcomputer.comcyberscoop.comdarkreading.comsecurityonline.infohackread.comtherecord.mediasecurityaffairs.com