Salesloft Hit by Major Cybersecurity Breach via GitHub
Salesloft, a leading sales engagement platform, has been hit by a significant cybersecurity incident. Hackers gained access to the company's GitHub account between March and June 2025, leading to a widespread attack on several major tech customers. The breach began when threat actors, later identified as Shinyhunters, accessed Salesloft's GitHub. They downloaded repository data, added a guest user, and created workflows. Mandiant, a cybersecurity firm, discovered the intruders performed reconnaissance activities in Salesloft and Drift application environments during this period. The hackers stole authentication tokens, which they used in a mass attack on several major tech customers, including Google, Zscaler, Cloudflare, and Palo Alto Networks. The stolen tokens were also used to breach Salesloft's AWS environment tied to its Drift platform, further compromising Drift customers' data. Salesloft took Drift's infrastructure, app, and code offline on September 5, 2025, and rotated credentials, adding stronger segmentation between Salesloft and Drift. Salesforce restored integrations with Salesloft technologies on September 7, 2025, but confirmed Drift will remain disabled until further notice. The cyberattack on Salesloft's GitHub in 2025 has had significant implications for the company and its customers. Salesloft has taken steps to mitigate the breach and strengthen its security, but the full extent of the damage is still being assessed. The incident serves as a reminder of the importance of robust cybersecurity measures in the digital age.
Read also:
- Trump and Xi speak over the phone, according to China's confirmation.
- NVIDIA introduces Blackwell to the cloud and unveils the significant enhancement of GeForce Now at Gamescom 2025, marking a major step in cloud gaming technology.
- Strategies for Adhering to KYC/AML Regulations in India, a Leading Fintech Center (2024)
- Strategies for Poland, Ukraine, and NATO to combat unmanned Russian aerial threats.
