News
The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...
A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...
Cybercriminals are exploiting GitHub to spread credential-stealing malware through fake repositories, cybersecurity firm ...
Security investigators from Google said UNC6395 hackers spent several months running through Salesloft and Drift systems before launching a data breach campaign that some security researchers say has ...
Threat actors had access to Salesloft’s GitHub account between March and June 2025 and performed reconnaissance.
With hackers abusing GitHub to perpetuate their attacks, Microsoft should use AI to clean up its industry-leading software-sharing platform. When you purchase through links on our site, we may earn an ...
JavaScript packages with billions of downloads were compromised by an unknown threat actor looking to steal cryptocurrency.
Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in ...
GPUGate malware uses Google Ads and fake GitHub commits to steal data from IT firms since Dec 2024, bypassing sandboxes and GPU-lacking systems.
A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of ...
Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through June 2025. It's currently not ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback