Recent advancements in open-source tools have inadvertently contributed to a significant supply chain breach, originating from a focused attack that swiftly expanded, compromising sensitive information across multiple projects. This breach highlights how a manipulated GitHub Action, designed to analyze changed files, evolved from targeting specific projects like Coinbase into a…
In early September 2023, Qrator Labs identified and successfully mitigated one of the year’s most consequential Layer 7 DDoS attacks, executed by what is currently recognized as the largest botnet in existence. This attack targeted a government organization and exploited 5.76 million compromised Internet of Things (IoT) devices, among other…
Okta, a pivotal player in identity and access management, reported an unauthorized access event involving its source code repositories earlier this month. The incident, which was disclosed on Wednesday, raises substantial concerns about the security practices surrounding sensitive organizational code. According to an official statement, Okta reassured stakeholders that “there…
Recent developments have emerged regarding the Salesloft Drift breach, which has impacted over 700 organizations across the globe. New victims have come forward, adding to the severity of the incident. On August 20, Salesloft and Salesforce announced they had severed ties between Drift, an AI-powered chatbot for sales and marketing,…
Cybercriminals continue to exploit Microsoft Word and Excel documents as conduits for malware delivery as we advance through 2025. These methods remain effective, leveraging phishing tactics and zero-click exploits to infiltrate targets with relative ease, particularly in corporate settings where Office documents are routinely shared. This year, there are three…
Identity & Access Management, Security Operations Salesloft Reports GitHub Repository Compromised by Cyber Attackers Greg Sirico • September 8, 2025 Image: Shutterstock Salesloft has confirmed that hackers gained unauthorized access to its GitHub repository, leading to a significant breach affecting several companies, including cybersecurity firms Tenable and Qualys. This incident…
Recent data breaches have raised concerns about security within popular applications, particularly the use of the Salesloft Drift application to compromise Salesforce data. In an important update, Salesloft has reported that the security incident has been addressed, with containment measures and customer protections now in effect. To investigate the breach,…
The Biden administration has classified certain spyware used for phone hacking as highly controversial, leading to strict limitations on its use by the US government in an executive order issued in March 2024. As the Trump administration takes steps to enhance immigration enforcement, this landscape could shift dramatically, paving the…
Cloudflare Discovers Record-Breaking DDoS Attack In a significant cybersecurity breach, Cloudflare announced on Monday that it successfully mitigated a massive distributed denial-of-service (DDoS) attack, which reached an unprecedented peak of over 71 million requests per second (RPS). This attack, labeled a “hyper-volumetric” DDoS assault, eclipses the previous record of 46…
