Domino Effect: How One Vendor's AI App Breach Toppled Giants - www.trendmicro.com

A multi-stage supply chain attack, tracked as UNC6395, originated from the compromise of a Salesloft GitHub repository, leading to the theft of a sensitive OAuth token. This token enabled access to a high-privilege AI chatbot application (Drift) and subsequent exfiltration of customer conversation data and contact information from over 700 integrated Salesforce instances.