The emails, which are littered with broken English, aim to instill fear, apply pressure, threaten public exposure and seek negotiation for a ransom payment.

Researchers tell CyberScoop that notorious ransomware group Clop may be behind the email barrage.

The researchers who uncovered the “very, very advanced adversary” behind the malware said it could be a big problem years into the future.

Experts say companies often struggle to manage the aftermath when they discover an employee’s true identity is not what it seemed.

The company said a threat actor accessed and snooped around its account for months, then stole OAuth tokens for Drift integrations from its cloud environment.

Salesloft said the AI chat agent for sales and leads will be taken offline, as investigations into the attack spree widen and reveal more victims.

Researchers said Google Workspace customers were hit, and noted other platforms are impacted as well. Fresh evidence proves impact was not limited to Salesforce, as Salesloft previously…

The Chinese government-linked hackers were the subject of an alert from U.S. and international partners.

There are still impediments to overcome before companies and agencies can get more broadly aggressive in cyberspace, both legal and commercial.

A threat group Google tracks as UNC6395 systematically stole large amounts of data from Salesforce customer instances by using OAuth tokens stolen from Salesloft Drift, researchers said.