News
Threat actors had access to Salesloft’s GitHub account between March and June 2025 and performed reconnaissance.
Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed ...
The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...
Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in ...
Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...
9don MSN
GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign
Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...
Cloudflare last week pinned the attack on a threat group it tracks as GRUB1 that aligns with UNC6395. And it's suspected that ...
"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...
Security investigators from Google said UNC6395 hackers spent several months running through Salesloft and Drift systems before launching a data breach campaign that some security researchers say has ...
Salesloft has revealed that threat actors targeted customer Salesforce data after breaching its GitHub account ...
2don MSN
Chinese malware is flooding GitHub pages - HiddenGh0st, Winos and kkRAT hit devs via SEO poisoning
Chinese users looking to download popular browsers and communications software are being targeted by different malware variants, granting attackers remote access capabilities. This is according to ...
The bundle.js script is designed to steal npm, GitHub, AWS and GCP tokens. But it also installs TruffleHog – an open source ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback