Rebecca Slaughter’s return-to-work orders have been put on hold for the second time this year, after the U.S. Supreme Court…
In what is being called the largest supply chain attack in history, attackers have injected malware into NPM packages with…
A critical security vulnerability has been discovered in Progress OpenEdge, a platform for developing and deploying business applications. The flaw,…
Aikido Security flagged the largest npm attack ever recorded, with 18 packages like chalk, debug, and ansi-styles hacked to hijack…
Sep 08, 2025Ravie LakshmananSupply Chain Attack / API Security Salesloft has revealed that the data breach linked to its Drift…
Windows Server Update Services (WSUS) has been a go-to patch management tool for over two decades, providing IT administrators with…
Qualys has confirmed it was impacted by a widespread supply chain attack that targeted the Salesloft Drift marketing platform, resulting…
This week on the Lock and Code podcast… In the late 2010s, a group of sheriffs out of Pasco County,…
Salesloft said it has restored the integration between its Drift platform and Salesforce after an investigation by Mandiant linked an…
Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used…
A massive data breach in early September 2025 attributed to a cyber actor known simply as “Kim” laid bare an…
A critical zero-day vulnerability (CVE-2025-53690) is being actively exploited in Sitecore. This flaw, originating from old, insecure keys, allows hackers…