There’s an update to the Salesloft+Drift portal with results from the Mandiant Drift and Salesloft application investigations: Mandiant’s investigation has determined the threat actor took the following actions: In March through June 2025, the threat actor accessed the Salesloft GitHub account. With this access, the threat actor was able to download content from multiple repositories,…
CISA orders federal agencies to patch Sitecore zero-day following hacking reports
Jonathan Greig reports: Federal civilian agencies have until September 25 to patch a vulnerability in popular content management system Sitecore after incident responders said they disrupted a recent attack involving the bug. Sitecore published a bulletin on Wednesday about CVE-2025-53690, which affects several of the company’s products. A key issue with the bug is the use of…
Idaho man who threatened his hacking victims appeals his sentence in Georgia
Back in 2016-2018 when threat actors known as thedarkoverlord (“TDO”) were hacking entities and attempting to extort their victims by sending them emails with details about their family members and threats of what would happen if the victims didn’t pay up, a man in Meridian Idaho who called himself “Lifelock” or “Studmaster” was doing the…
Qantas CEO, top executives lose $522,000 in pay for major cyber breach
Angus Whitley reports: Qantas Airways Ltd. Chief Executive Officer Vanessa Hudson and her top leadership team were docked A$800,000 ($522,000) in pay for a cyberbreach that impacted millions of customers, as the airline attempts to show it’s taking a harder line on accountability and governance. Hudson forfeited A$250,000 in compensation, while the airline’s five executive…
Department of State employee sentenced for transmitting national defense information to suspected Chinese government agents
Today’s reminder of the insider threat, from the U.S. Attorney’s Office for the Eastern District of Virginia: ALEXANDRIA, Va. – A U.S. Department of State (DOS) employee was sentenced today to four years in prison for conspiring to collect and transmit national defense information to individuals he knew to be working for the government of…
Salesloft Drift Breach Rolls Up Cloudflare, Palo Alto, Zscaler, and Others
Jeffrey Burt reports: The ever-widening series of supply chain attacks on Salesforce instances linked to Salesloft’ Drift app has claimed a number of new victims in recent days, including Cloudflare, Palto Alto Networks, and Zscaler. Cybersecurity firms SpyCloud and PagerDuty also said they were hit by the UNC6395 threat group that exploited a vulnerability in…