A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat agent.
The activity, assessed to be opportunistic in nature, has been attributed to a threat actor tracked by Google Threat Intelligence Group and Mandiant, tracked as UNC6395.
"Beginning as early as



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/08/salesloft-oauth-breach-via-drift-ai.html