
The Salesloft homepage says "Put your wins on repeat", and features the scrolling logos of several dozen customers, including IBM, Blackbaud, Citrix, Stripe, 3M, Shopify, Lexmark, SAP Concur and others.

Download link

https://media.infosec.exchange/infosec.exchange/media_attachments/files/115/131/304/653/608/983/original/7cf2cf9fd205a6a7.png

Notices where this attachment appears

  1. BrianKrebs (briankrebs@infosec.exchange)'s status on Tuesday, 02-Sep-2025 07:47:36 JST

    New, from me:

    The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google warns the breach goes far beyond access to Salesforce data, noting the hackers responsible also stole valid authentication tokens for hundreds of online services that customers can integrate with Salesloft, including Slack, Google Workspace, Amazon S3, Microsoft Azure, and OpenAI.

    https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/

    Incidentally, there has been some truly awful reporting perpetrated around the periphery of this story that needs to be called out as irresponsible bullshit. Newsweek uncritically reported today the names of Google employees who were being threatened by the threat actors who claim (with little convincing evidence) to be responsible.

    And Trend Micro's blog put out what I can only assume is AI-produced slop drivel because it basically claimed that a few hundred Google Workforce accounts that were exposed in this Salesloft breach suddenly meant billions of Gmail users were at risk. That Trend atrocity was then of course re-perpetrated to produce even more uncritical garbage "reporting" about this incident. I'm not linking to either, just needed to get that off my chest. It's truly remarkable when Google has to put out a statement talking everyone down off the ledge over this. Pro tip: if you don't track these groups for a living and you don't live and breathe this Com crap, you're probably not going to be able to just parachute in here and write a cool tech story that is also accurate.

    In conversation about 12 days ago from infosec.exchange permalink

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.