Article Details
Scrape Timestamp (UTC): 2025-09-08 10:08:59.278
Source: https://thehackernews.com/2025/09/weekly-recap-drift-breach-chaos-zero.html
Original Article Text
⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More

Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the news—it's knowing which risks matter most right now. That's what this digest is here for: a clear, simple briefing to help you focus where it counts.

This week, one story stands out above the rest: the Salesloft–Drift breach, where attackers stole OAuth tokens and accessed Salesforce data from some of the biggest names in tech. It's a sharp reminder of how fragile integrations can become the weak link in enterprise defenses. Alongside this, we'll also walk through several high-risk CVEs under active exploitation, the latest moves by advanced threat actors, and fresh insights on making security workflows smarter, not noisier. Each section is designed to give you the essentials—enough to stay informed and prepared, without getting lost in the noise.

⚡ Threat of the Week

Salesloft to Take Drift Offline Amid Security Incident — Salesloft announced that it's taking Drift temporarily offline "in the very near future," as multiple companies have been caught up in a far-reaching supply chain attack spree targeting the marketing software-as-a-service product, resulting in the mass theft of authentication tokens. "This will provide the fastest path forward to comprehensively review the application and build additional resiliency and security in the system to return the application to full functionality," the company said. "As a result, the Drift chatbot on customer websites will not be available, and Drift will not be accessible." To date, Cloudflare, Google Workspace, PagerDuty, Palo Alto Networks, Proofpoint, SpyCloud, Tanium, Tenable, and Zscaler have confirmed they were impacted by the hack. The activity has been attributed to a threat cluster tracked by Google and Cloudflare as UNC6395 and GRUB1, respectively.

Zero Trust + AI: Thrive in the AI Era and Empower Your Workforce

It's no surprise: hackers are using AI in creative ways to compromise users and breach organizations. Zscaler Zero Trust + AI helps defeat ransomware and AI-powered attacks today by enabling you to detect and block advanced threats, and discover and classify sensitive data everywhere.

🔔 Top News

🔥 Trending CVEs

Hackers move fast — often exploiting new flaws within hours. A missed update or a single unpatched CVE can open the door to serious damage. Here are this week's high-risk vulnerabilities making headlines. Review, patch quickly, and stay ahead.

This week's list includes — CVE-2025-53690 (SiteCore), CVE-2025-42957 (SAP S/4HANA), CVE-2025-9377 (TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9), CVE-2025-38352 (Linux Kernel/Google Android), CVE-2025-48543 (Google Android), CVE-2025-29927 (Next.js), CVE-2025-52856, CVE-2025-52861 (QNAP QVR), CVE-2025-0309 (Netskope Client for Windows), CVE-2025-21483, CVE-2025-27034 (Qualcomm), CVE-2025-6203 (HashiCorp Vault), CVE-2025-58161 (MobSF), CVE-2025-5931 (Dokan Pro plugin), CVE-2025-53772 (Web Deploy), CVE-2025-9864 (Google Chrome), CVE-2025-9696 (SunPower PVS6), CVE-2025-57833 (Django), CVE-2025-24204 (Apple macOS), CVE-2025-55305 (Electron framework), CVE-2025-53149 (Microsoft Kernel Streaming WOW Thunk Service Driver), CVE-2025-6519, CVE-2025-52549, CVE-2025-52548 (Copeland E2 and E3), CVE-2025-58782 (Apache Jackrabbit), CVE-2025-55190 (Argo CD), CVE-2025-1079, CVE-2025-4613, and a client-side remote code execution (no CVE) (Google Web Designer).

📰 Around the Cyber World

🎥 Cybersecurity Webinars

🔧 Cybersecurity Tools

Disclaimer: The tools featured here are provided strictly for educational and research purposes. They have not undergone full security audits, and their behavior may introduce risks if misused. Before experimenting, carefully review the source code, test only in controlled environments, and apply appropriate safeguards. Always ensure your usage aligns with ethical guidelines, legal requirements, and organizational policies.

🔒 Tip of the Week

Lock Down Your Router Before Hackers Ever Get a Foot in the Door — Most people think of router security as just "change the password" or "disable UPnP." But attackers are getting far more creative: from rerouting internet traffic through fake BGP paths, to hijacking cloud services that talk directly to your router. The best defense? A layered approach that closes those doors before compromise happens. Here are 3 advanced but practical moves you can start today:

Think of your router as the "front door to your digital house." With these tools, you're not just locking it — you're making sure attackers don't even know where the door is, and even if they do, the key changes every day.

Conclusion

That wraps up this week's briefing, but the story never really ends. New exploits, new tactics, and new risks are already on the horizon—and we'll be here to break them down for you. Until then, stay sharp, stay curious, and remember: one clear insight can make all the difference in stopping the next attack.
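The Trending CVEs list in the recap is written as comma-separated runs of ids that share one parenthesised product, with nested parentheses in the TP-Link entry and two ids (CVE-2025-1079, CVE-2025-4613) that name no product at all. The parser below is an added example, not code from the original recap or from The Hacker News; it turns that sentence, quoted verbatim from the recap, into a CVE-to-product checklist that a patch-tracking team can work from, and flags the ids whose product still has to be looked up.

```python
import re

# The "Trending CVEs" sentence as printed in the recap above (quoted from the page, not constructed).
RECAP_CVE_LINE = (
    "CVE-2025-53690 (SiteCore), CVE-2025-42957 (SAP S/4HANA), CVE-2025-9377 (TP-Link Archer C7(EU) V2 "
    "and TL-WR841N/ND(MS) V9), CVE-2025-38352 (Linux Kernel/Google Android), CVE-2025-48543 (Google Android), "
    "CVE-2025-29927 (Next.js), CVE-2025-52856, CVE-2025-52861 (QNAP QVR), CVE-2025-0309 (Netskope Client "
    "for Windows), CVE-2025-21483, CVE-2025-27034 (Qualcomm), CVE-2025-6203 (HashiCorp Vault), "
    "CVE-2025-58161 (MobSF), CVE-2025-5931 (Dokan Pro plugin), CVE-2025-53772 (Web Deploy), "
    "CVE-2025-9864 (Google Chrome), CVE-2025-9696 (SunPower PVS6), CVE-2025-57833 (Django), "
    "CVE-2025-24204 (Apple macOS), CVE-2025-55305 (Electron framework), CVE-2025-53149 (Microsoft Kernel "
    "Streaming WOW Thunk Service Driver), CVE-2025-6519, CVE-2025-52549, CVE-2025-52548 (Copeland E2 and E3), "
    "CVE-2025-58782 (Apache Jackrabbit), CVE-2025-55190 (Argo CD), CVE-2025-1079, CVE-2025-4613, and a "
    "client-side remote code execution (no CVE) (Google Web Designer)."
)
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")

def _read_parens(text, start):
    """Return the balanced group opening at text[start] == '(' and the index just past it."""
    depth = 0
    for i in range(start, len(text)):
        depth += (text[i] == "(") - (text[i] == ")")  # nested parens, e.g. "C7(EU)", stay inside the group
        if depth == 0:
            return text[start + 1:i], i + 1
    raise ValueError("unbalanced parentheses in CVE list")

def parse_cve_list(text):
    """Map each CVE id to the product in the parenthesised group that follows its run.
    A comma-separated run shares the one group after it (e.g. the three Copeland ids);
    a run ended by anything else maps to None, meaning the recap names no product."""
    result, pending, pos = {}, [], 0
    while pos < len(text):
        m = CVE_RE.match(text, pos)
        if m:
            pending.append(m.group(0))
            pos = m.end()
        elif text[pos] == "(" and pending:
            product, pos = _read_parens(text, pos)
            result.update({cve: product for cve in pending})
            pending = []
        elif text[pos] in ", ":
            pos += 1  # separators keep the current run open
        else:
            # Any other text (e.g. ", and a client-side ...") closes the run without a product.
            result.update({cve: None for cve in pending})
            pending = []
            nxt = CVE_RE.search(text, pos)
            pos = nxt.start() if nxt else len(text)  # jump to the next id, or finish
    result.update({cve: None for cve in pending})  # run left open at the end of the text
    return result
```

Entries that map to None are the ones to resolve against NVD or the vendor advisory before the checklist is handed to patch owners.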
Daily Brief Summary
A security breach involving Salesloft and Drift led to the theft of OAuth tokens, compromising Salesforce data of numerous major tech companies.
Companies such as Cloudflare, Google Workspace, and Palo Alto Networks were among those affected, highlighting the widespread impact of the incident.
The breach is linked to a supply chain attack targeting the Drift marketing software-as-a-service product, emphasizing the vulnerabilities in third-party integrations.
Salesloft plans to take Drift offline temporarily to conduct a comprehensive security review and enhance system resilience.
The threat activity is tracked by Google and Cloudflare as UNC6395 and GRUB1, respectively, indicating coordinated efforts by advanced threat actors.
This incident serves as a critical reminder of the importance of securing third-party integrations and maintaining robust supply chain defenses.
Organizations are urged to review and strengthen their security measures to prevent similar breaches in the future.