Salesloftのインシデントについて 8月後半から、Salesloftに起因するインシデントが世間を騒がせています。この記事では、Salesloftインシデントの背景と、現時点でどの様なことが起こっているかを簡単にまとめます。情報に更新があった場合にはこちらの記事も更新します。

ヒートウェーブのブログを更新しました。

Salesloftのインシデントについて

#security #セキュリティ #threat #intelligence #salesloft #ransomware #UNC6395

hwdream.com/salesloft-su...

FBI warns of UNC6040 UNC6395 hackers stealing Salesforce data connecting malicious Salesforce Data Loader OAuth apps read more about FBI warns of UNC6040 UNC6395 hackers stealing Salesforce data

FBI warns of UNC6040, UNC6395 hackers stealing Salesforce data reconbee.com/fbi-warns-of...

#FBI #federalbureauofinvestigation #UNC6040 #UNC6395 #hackers #Hacked #salesforcedata #DataSecurity

FBI warns of new Salesforce attacks The FBI has issued a FLASH warning about Salesforce compromises linked to UNC6040 and UNC6395, urging companies to tighten defenses and report suspicious activity.

FBI e CISA: exploit attivi su Salesforce e DELMIA Apriso (CVE-2025-5086). Urgente remediation, MFA robusta e segmentazione tra SaaS e OT.

#cisa #DELMIAApriso #FBI #OAuth #Salesforce #UNC6040 #UNC6395 #vishing
www.matricedigitale.it/2025/09/13/f...

Awakari App

Salesloft GitHub Account Compromised Months Before Salesforce Attack The list of impacted cybersecurity firms has been expanded to include BeyondTrust, Bugcrowd, CyberArk, Cato Networks, JFrog, and...

#Data #Breaches #Featured #Salesforce #Salesloft #UNC6395

Origin | Interest | Match

OAuth tokens > firewalls. #UNC6395 loots #CRM via hijacked tokens; #UNC3944 vishes help desks then jumps to hypervisors. Audit scopes. Lock resets with phishing-resistant MFA. Read👇
blog.alphahunt.io/saas-data-th...

#AlphaHunt #CyberSecurity #SaaS #OAuth

Palo Alto Networks confirma brecha de seguridad Palo Alto Networks ha confirmado un ataque a la cadena de suministro, que resultó en el robo de datos de clientes desde sus instancias de Salesforce

#PaloAltoNetworks ha reportado una brecha de seguridad que permitió a ciberatacantes identificados como #UNC6395 acceder a información sensible de clientes usando tokens OAuth comprometidos en integraciones SaaS, con #Salesforce en el punto de mira.

www.cibersecurity.io/palo-alto-ne...

Zscaler colpita da breach supply-chain su Salesforce; patch Linux in ritardo aumentano rischi, TuxCare Radar introduce scanner CVE in-memory.

#databreach #Linux #patch #Salesloft #TuxCareRadar #UNC6395 #Zscaler
www.matricedigitale.it/2025/09/02/z...

The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google warns the breach goes far beyond access to Salesforce data, noting the hackers responsible also stole valid authentication tokens for hundreds of online services that customers can integrate with Salesloft, including Slack, Google Workspace, Amazon S3, Microsoft Azure, and OpenAI.

Google Reveals UNC6395’s OAuth Token Theft in Salesforce Breach Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

Google and Mandiant alert: Threat actor #UNC6395 stole OAuth tokens via Salesloft Drift, bypassed MFA, and exfiltrated #Salesforce data.

Read: hackread.com/google-unc63...

#CyberSecurity #OAuth #SalesloftDrift #InfoSec #Google