Supply Chain Breach at Salesloft Signals Ongoing Threats
On September 10, 2025, a significant breach at Salesloft raised alarms about the vulnerabilities inherent in supply chain security, particularly those involving third-party integrations. Attackers exploited OAuth tokens in the Drift chatbot, allowing unauthorized access to sensitive customer data across several organizations, including notable companies like Cloudflare and Zscaler. This incident underscores the critical need for enhanced scrutiny of third-party applications in Software as a Service (SaaS) environments, as breaches can cascade across multiple entities. Security teams are urged to evaluate their integrations and implement robust token management practices to mitigate such risks.
Also In Security Today
- Ransomware Attack on Pennsylvania AG's Office: A ransomware incident disrupted services at the Pennsylvania Attorney General's Office for two weeks. The office opted not to pay the ransom, highlighting the ongoing challenges of ransomware responses.
- Critical Chrome Zero-Day Patch: Google released a patch for CVE-2025-10585, a critical zero-day vulnerability actively exploited in its Chrome browser. Users are urged to update immediately to prevent remote code execution attacks.
- Volvo Data Breach: Approximately 870,000 individuals were affected in a ransomware attack on Volvo's HR software provider, demonstrating the cascading risks of vendor vulnerabilities and the need for better supply chain oversight.
- Record DDoS Attack: A massive Distributed Denial-of-Service (DDoS) attack peaked at 22.2 terabits per second, marking a concerning escalation in the scale of cyber threats affecting internet infrastructure.
Analyst's Take
Today's events reflect a concerning trend toward increasingly sophisticated cyber threats, particularly in supply chain vulnerabilities and ransomware. Organizations must prioritize comprehensive risk assessments of their third-party integrations and enhance incident response protocols. The critical zero-day vulnerability in Chrome reinforces the necessity for timely patch management across all systems. As cyber threats evolve, defenders should implement layered security approaches, focusing on proactive measures and continuous monitoring to safeguard sensitive data and maintain operational integrity.