#unc6395 — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #unc6395, aggregated by home.social.
-
ShinyHunters Wage Broad Corporate Extortion Spree https://krebsonsecurity.com/2025/10/shinyhunters-wage-broad-corporate-extortion-spree/ #ScatteredLAPSUS$Hunters #OracleEBusinessSuite #Ne'er-Do-WellNews #CharlesCarmichael #CrimsonCollective #ALittleSunshine #LatestWarnings #TheComingStorm #AustinLarsen #CVE202561882 #ShinyHunters #Ransomware #Salesforce #Salesloft #ASYNCRAT #UNC6040 #UNC6395
-
ShinyHunters Wage Broad Corporate Extortion Spree https://krebsonsecurity.com/2025/10/shinyhunters-wage-broad-corporate-extortion-spree/ #ScatteredLAPSUS$Hunters #OracleEBusinessSuite #Ne'er-Do-WellNews #CharlesCarmichael #CrimsonCollective #ALittleSunshine #LatestWarnings #TheComingStorm #AustinLarsen #CVE202561882 #ShinyHunters #Ransomware #Salesforce #Salesloft #ASYNCRAT #UNC6040 #UNC6395
-
ShinyHunters Wage Broad Corporate Extortion Spree https://krebsonsecurity.com/2025/10/shinyhunters-wage-broad-corporate-extortion-spree/ #ScatteredLAPSUS$Hunters #OracleEBusinessSuite #Ne'er-Do-WellNews #CharlesCarmichael #CrimsonCollective #ALittleSunshine #LatestWarnings #TheComingStorm #AustinLarsen #CVE202561882 #ShinyHunters #Ransomware #Salesforce #Salesloft #ASYNCRAT #UNC6040 #UNC6395
-
ShinyHunters Wage Broad Corporate Extortion Spree https://krebsonsecurity.com/2025/10/shinyhunters-wage-broad-corporate-extortion-spree/ #ScatteredLAPSUS$Hunters #OracleEBusinessSuite #Ne'er-Do-WellNews #CharlesCarmichael #CrimsonCollective #ALittleSunshine #LatestWarnings #TheComingStorm #AustinLarsen #CVE202561882 #ShinyHunters #Ransomware #Salesforce #Salesloft #ASYNCRAT #UNC6040 #UNC6395
-
ShinyHunters Wage Broad Corporate Extortion Spree
https://krebsonsecurity.com/2025/10/shinyhunters-wage-broad-corporate-extortion-spree/
#ScatteredLAPSUS$Hunters #OracleE-BusinessSuite #Ne'er-Do-WellNews #CharlesCarmichael #CrimsonCollective #ALittleSunshine #LatestWarnings #TheComingStorm #CVE-2025-61882 #AustinLarsen #ShinyHunters #Ransomware #Salesforce #Salesloft #ASYNCRAT #UNC6040 #UNC6395
-
ShinyHunters Wage Broad Corporate Extortion Spree
https://krebsonsecurity.com/2025/10/shinyhunters-wage-broad-corporate-extortion-spree/
#ScatteredLAPSUS$Hunters #OracleE-BusinessSuite #Ne'er-Do-WellNews #CharlesCarmichael #CrimsonCollective #ALittleSunshine #LatestWarnings #TheComingStorm #CVE-2025-61882 #AustinLarsen #ShinyHunters #Ransomware #Salesforce #Salesloft #ASYNCRAT #UNC6040 #UNC6395
-
ShinyHunters Wage Broad Corporate Extortion Spree
https://krebsonsecurity.com/2025/10/shinyhunters-wage-broad-corporate-extortion-spree/
#ScatteredLAPSUS$Hunters #OracleE-BusinessSuite #Ne'er-Do-WellNews #CharlesCarmichael #CrimsonCollective #ALittleSunshine #LatestWarnings #TheComingStorm #CVE-2025-61882 #AustinLarsen #ShinyHunters #Ransomware #Salesforce #Salesloft #ASYNCRAT #UNC6040 #UNC6395
-
ShinyHunters Wage Broad Corporate Extortion Spree
https://krebsonsecurity.com/2025/10/shinyhunters-wage-broad-corporate-extortion-spree/
#ScatteredLAPSUS$Hunters #OracleE-BusinessSuite #Ne'er-Do-WellNews #CharlesCarmichael #CrimsonCollective #ALittleSunshine #LatestWarnings #TheComingStorm #CVE-2025-61882 #AustinLarsen #ShinyHunters #Ransomware #Salesforce #Salesloft #ASYNCRAT #UNC6040 #UNC6395
-
ShinyHunters Wage Broad Corporate Extortion Spree
https://krebsonsecurity.com/2025/10/shinyhunters-wage-broad-corporate-extortion-spree/
#ScatteredLAPSUS$Hunters #OracleE-BusinessSuite #Ne'er-Do-WellNews #CharlesCarmichael #CrimsonCollective #ALittleSunshine #LatestWarnings #TheComingStorm #CVE-2025-61882 #AustinLarsen #ShinyHunters #Ransomware #Salesforce #Salesloft #ASYNCRAT #UNC6040 #UNC6395
-
Hacker behaupten: "Wir haben 1,5 Milliarden #Salesforce-Datensätze" - inside-it[.]ch https://www.inside-it.ch/hacker-behaupten-wir-haben-1%252C5-milliarden-salesforce-datensaetze-20250919 #Shinyhunters #SocialEngineering #ScatteredSpiders #UNC6040 #UNC6395 #Hacking #Datenschutz #privacy #DataLeak #Datenleck
-
"The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens.
[...]
In March, one of the threat actors breached Salesloft's GitHub repository, which contained the private source code for the company.
ShinyHunters told BleepingComputer that the threat actors used the TruffleHog security tool to scan the source code for secrets, which resulted in the finding of OAuth tokens for the Salesloft Drift and the Drift Email platforms."
Read more of Lawrence Abrams' great reporting on Bleeping Computer:
https://www.bleepingcomputer.com/news/security/shinyhunters-claims-15-billion-salesforce-records-stolen-in-drift-hacks/#Salesforce #Salesloft #Oauth #Drift #databreach #ransom #ShinyyHunters #ScatteredSpider #LAPSUS$ #UNC6040 #UNC6395
-
"The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens.
[...]
In March, one of the threat actors breached Salesloft's GitHub repository, which contained the private source code for the company.
ShinyHunters told BleepingComputer that the threat actors used the TruffleHog security tool to scan the source code for secrets, which resulted in the finding of OAuth tokens for the Salesloft Drift and the Drift Email platforms."
Read more of Lawrence Abrams' great reporting on Bleeping Computer:
https://www.bleepingcomputer.com/news/security/shinyhunters-claims-15-billion-salesforce-records-stolen-in-drift-hacks/#Salesforce #Salesloft #Oauth #Drift #databreach #ransom #ShinyyHunters #ScatteredSpider #LAPSUS$ #UNC6040 #UNC6395
-
"The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens.
[...]
In March, one of the threat actors breached Salesloft's GitHub repository, which contained the private source code for the company.
ShinyHunters told BleepingComputer that the threat actors used the TruffleHog security tool to scan the source code for secrets, which resulted in the finding of OAuth tokens for the Salesloft Drift and the Drift Email platforms."
Read more of Lawrence Abrams' great reporting on Bleeping Computer:
https://www.bleepingcomputer.com/news/security/shinyhunters-claims-15-billion-salesforce-records-stolen-in-drift-hacks/#Salesforce #Salesloft #Oauth #Drift #databreach #ransom #ShinyyHunters #ScatteredSpider #LAPSUS$ #UNC6040 #UNC6395
-
"The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens.
[...]
In March, one of the threat actors breached Salesloft's GitHub repository, which contained the private source code for the company.
ShinyHunters told BleepingComputer that the threat actors used the TruffleHog security tool to scan the source code for secrets, which resulted in the finding of OAuth tokens for the Salesloft Drift and the Drift Email platforms."
Read more of Lawrence Abrams' great reporting on Bleeping Computer:
https://www.bleepingcomputer.com/news/security/shinyhunters-claims-15-billion-salesforce-records-stolen-in-drift-hacks/#Salesforce #Salesloft #Oauth #Drift #databreach #ransom #ShinyyHunters #ScatteredSpider #LAPSUS$ #UNC6040 #UNC6395
-
"The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens.
[...]
In March, one of the threat actors breached Salesloft's GitHub repository, which contained the private source code for the company.
ShinyHunters told BleepingComputer that the threat actors used the TruffleHog security tool to scan the source code for secrets, which resulted in the finding of OAuth tokens for the Salesloft Drift and the Drift Email platforms."
Read more of Lawrence Abrams' great reporting on Bleeping Computer:
https://www.bleepingcomputer.com/news/security/shinyhunters-claims-15-billion-salesforce-records-stolen-in-drift-hacks/#Salesforce #Salesloft #Oauth #Drift #databreach #ransom #ShinyyHunters #ScatteredSpider #LAPSUS$ #UNC6040 #UNC6395
-
Cyber Criminal Groups UNC6040 and UNC6395 Compromising Salesforce Instances for Data Theft and Extortion
#UNC6040 #UNC6395
https://www.ic3.gov/CSA/2025/250912.pdf -
Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack – Source: securityaffairs.com https://ciso2ciso.com/hackers-breached-salesloft-s-github-in-march-and-used-stole-tokens-in-a-mass-attack-source-securityaffairs-com/ #rssfeedpostgeneratorecho #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #CyberCrime #Cybercrime #DataBreach #Salesloft #hacking #UNC6395 #GitHub
-
Salesloft GitHub Account Compromised Months Before Salesforce Attack https://www.securityweek.com/salesloft-github-account-compromised-months-before-salesforce-attack/ #DataBreaches #Salesforce #Salesloft #Featured #UNC6395
-
Salesloft GitHub Account Compromised Months Before Salesforce Attack https://www.securityweek.com/salesloft-github-account-compromised-months-before-salesforce-attack/ #DataBreaches #Salesforce #Salesloft #Featured #UNC6395
-
In 2025, UNC6395 struck Salesloft’s Drift, exposing Salesforce data and Google Workspace emails. From malicious IPs to SOQL queries, learn how this stealth attack unfolded and get Mandiant-backed strategies to lock down your integrations. Protect your business—read the full story now.
#SecurityLand #BreachBreakdown #Cybersecurity #Salesforce #SalesloftDrift #DataBreach #CyberAttack #UNC6395 #Mandiant
-
Cloudflare and Palo Alto Networks Named as Additional Victims in Salesloft Supply-Chain Attack https://dailydarkweb.net/cloudflare-and-palo-alto-networks-named-as-additional-victims-in-salesloft-supply-chain-attack/ #supplychainattack #PaloAltoNetworks #CyberSecurity #DataBreaches #customerdata #Cloudflare #databreach #Salesforce #Salesloft #UNC6395 #Drift #USA
-
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft
https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/
#GoogleThreatIntelligenceGroup #ALittleSunshine #CharlesCarmakal #ScatteredSpider #LatestWarnings #TheComingStorm #SalesloftDrift #DataBreaches #AustinLarsen #JoshuaWright #ShinyHunters #CounterHack #Salesforce #AlanLiska #Mandiant #UNC6040 #UNC6395 #google
-
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft
https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/
#GoogleThreatIntelligenceGroup #ALittleSunshine #CharlesCarmakal #ScatteredSpider #LatestWarnings #TheComingStorm #SalesloftDrift #DataBreaches #AustinLarsen #JoshuaWright #ShinyHunters #CounterHack #Salesforce #AlanLiska #Mandiant #UNC6040 #UNC6395 #google
-
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft
https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/
#GoogleThreatIntelligenceGroup #ALittleSunshine #CharlesCarmakal #ScatteredSpider #LatestWarnings #TheComingStorm #SalesloftDrift #DataBreaches #AustinLarsen #JoshuaWright #ShinyHunters #CounterHack #Salesforce #AlanLiska #Mandiant #UNC6040 #UNC6395 #google
-
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft
https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/
#GoogleThreatIntelligenceGroup #ALittleSunshine #CharlesCarmakal #ScatteredSpider #LatestWarnings #TheComingStorm #SalesloftDrift #DataBreaches #AustinLarsen #JoshuaWright #ShinyHunters #CounterHack #Salesforce #AlanLiska #Mandiant #UNC6040 #UNC6395 #google
-
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft
https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/
#GoogleThreatIntelligenceGroup #ALittleSunshine #CharlesCarmakal #ScatteredSpider #LatestWarnings #TheComingStorm #SalesloftDrift #DataBreaches #AustinLarsen #JoshuaWright #ShinyHunters #CounterHack #Salesforce #AlanLiska #Mandiant #UNC6040 #UNC6395 #google
-
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/ #GoogleThreatIntelligenceGroup #ALittleSunshine #CharlesCarmakal #ScatteredSpider #LatestWarnings #TheComingStorm #SalesloftDrift #DataBreaches #AustinLarsen #JoshuaWright #ShinyHunters #CounterHack #Salesforce #AlanLiska #Mandiant #UNC6040 #UNC6395 #google
-
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/ #GoogleThreatIntelligenceGroup #ALittleSunshine #CharlesCarmakal #ScatteredSpider #LatestWarnings #TheComingStorm #SalesloftDrift #DataBreaches #AustinLarsen #JoshuaWright #ShinyHunters #CounterHack #Salesforce #AlanLiska #Mandiant #UNC6040 #UNC6395 #google
-
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/ #GoogleThreatIntelligenceGroup #ALittleSunshine #CharlesCarmakal #ScatteredSpider #LatestWarnings #TheComingStorm #SalesloftDrift #DataBreaches #AustinLarsen #JoshuaWright #ShinyHunters #CounterHack #Salesforce #AlanLiska #Mandiant #UNC6040 #UNC6395 #google
-
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/ #GoogleThreatIntelligenceGroup #ALittleSunshine #CharlesCarmakal #ScatteredSpider #LatestWarnings #TheComingStorm #SalesloftDrift #DataBreaches #AustinLarsen #JoshuaWright #ShinyHunters #CounterHack #Salesforce #AlanLiska #Mandiant #UNC6040 #UNC6395 #google
-
UNC6395 targets Salesloft in Drift OAuth token theft campaign – Source: securityaffairs.com https://ciso2ciso.com/unc6395-targets-salesloft-in-drift-oauth-token-theft-campaign-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #BreakingNews #SecurityNews #CyberCrime #Cybercrime #Salesforce #Salesloft #Security #hacking #UNC6395
-
Google Reveals UNC6395’s OAuth Token Theft in Salesforce Breach https://hackread.com/google-unc639s-oauth-token-theft-salesforce-breach/ #SalesloftDrift #Cybersecurity #CyberAttacks #CyberAttack #Salesforce #Security #Mandiant #UNC6395 #Google #OAuth #MFA
-
Hundreds of Salesforce Customers Hit by Widespread Data Theft Campaign https://www.securityweek.com/hundreds-of-salesforce-customers-hit-by-widespread-data-theft-campaign/ #DataBreaches #Salesforce #UNC6395
-
Hundreds of Salesforce Customers Hit by Widespread Data Theft Campaign https://www.securityweek.com/hundreds-of-salesforce-customers-hit-by-widespread-data-theft-campaign/ #DataBreaches #Salesforce #UNC6395
-
Google and Mandiant alert: Threat actor #UNC6395 stole OAuth tokens via Salesloft Drift, bypassed MFA, and exfiltrated #Salesforce data.
Read: https://hackread.com/google-unc639s-oauth-token-theft-salesforce-breach/