Salesloft Drift attacks hit Cloudflare, Palo Alto Networks, Zscaler | CyberScoop<\/title> <meta name=\"description\" content=\"Salesloft said the AI chat agent for sales and leads will be taken offline, as investigations into the attack spree widen and reveal more victims.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/salesloft-drift-attacks-cloudflare-palo-alto-networks-zscaler\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Salesloft Drift attacks hit Cloudflare, Palo Alto Networks, Zscaler\"> <meta property=\"og:description\" content=\"Salesloft said the AI chat agent for sales and leads will be taken offline, as investigations into the attack spree widen and reveal more victims.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/salesloft-drift-attacks-cloudflare-palo-alto-networks-zscaler\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-09-02T20:05:52+00:00\"> <meta property=\"article:modified_time\" content=\"2025-09-02T20:05:57+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler-2.jpg\"> <meta property=\"og:image:width\" content=\"4500\"> <meta property=\"og:image:height\" content=\"3375\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Matt Kapko\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1754500264g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1756821995g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1753281318g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/85807\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.8.2\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=85807\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fsalesloft-drift-attacks-cloudflare-palo-alto-networks-zscaler%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fsalesloft-drift-attacks-cloudflare-palo-alto-networks-zscaler%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-85807 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/salesloft-drift-attacks-cloudflare-palo-alto-networks-zscaler\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.949416342412\">\n<div class=\"single-article__header-content\" readability=\"35.199513381995\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/salesloft-drift-attacks-cloudflare-palo-alto-networks-zscaler\/\"> <span>Cybercrime<\/span> <\/a> <\/li>\n<\/ul>\n<p> Salesloft said the AI chat agent for sales and leads will be taken offline, as investigations into the attack spree widen and reveal more victims. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/85807\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"480\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler.jpg?resize=640%2C480&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler-2.jpg 4500w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler-2.jpg?resize=300,225 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler-2.jpg?resize=768,576 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler-2.jpg?resize=1024,768 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler-2.jpg?resize=1536,1152 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler-2.jpg?resize=2048,1536 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler-2.jpg?resize=600,450 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler-2.jpg?resize=224,168 224w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler-2.jpg?resize=449,337 449w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler-2.jpg?resize=900,675 900w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler-2.jpg?resize=1124,843 1124w\" sizes=\"(max-width: 900px) 100vw, 900px\"><figcaption> Salesloft confirmed the impact is much more severe and widespread. (imageBROKER\/Timon Schneider\/Alamy) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"65.276432269918\"><body readability=\"134.39273131838\"><\/p>\n<p>Multiple security and technology companies have been swept up in a far-reaching attack spree originating at Salesloft Drift, including <a href=\"https:\/\/blog.cloudflare.com\/response-to-salesloft-drift-incident\/\">Cloudflare<\/a>, <a href=\"https:\/\/www.pagerduty.com\/blog\/news-announcements\/salesloft-drift-data-breach-update-to-our-customers\/\">PagerDuty<\/a>, <a href=\"https:\/\/www.paloaltonetworks.com\/blog\/2025\/09\/salesforce-third-party-application-incident-response\/\">Palo Alto Networks<\/a>, <a href=\"https:\/\/spycloud.com\/newsroom\/salesloft-drift-incident-spycloud-response\/\">SpyCloud<\/a> and <a href=\"https:\/\/www.zscaler.com\/blogs\/company-news\/salesloft-drift-supply-chain-incident-key-details-and-zscaler-s-response\">Zscaler<\/a>. <\/p>\n<p>Victim organizations continue to come forward as customers of the third-party AI chat agent hunt for evidence of compromise or receive notices from Salesloft and other companies involved in response, recovery and ongoing attack investigations. <\/p>\n<p>Salesloft initially claimed exposure was limited to customers integrated with Salesforce. Yet, Google Threat Intelligence Group and Mandiant Consulting \u2014 Google\u2019s incident response firm which is now working with Salesloft \u2014 said <a href=\"https:\/\/cyberscoop.com\/salesloft-drift-compromise-scope-expands\/\">any platform integrated with Drift<\/a> is potentially compromised. <\/p>\n<p>The root cause of the attacks, specifically how the threat group that Google tracks as UNC6395 gained initial access to Salesloft Drift, remains unconfirmed. \u201cThere is no evidence of any unusual or malicious activity with the Salesloft platform,\u201d Salesloft said in an <a href=\"https:\/\/trust.salesloft.com\/\">update Saturday<\/a>.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>On Monday, the company said \u201cDrift will be taken offline in the very near future,\u201d rendering the platform inaccessible and the Drift chatbot unavailable on customer websites. \u201cThis will provide the fastest path forward to comprehensively review the application and build additional resiliency and security in the system to return the application to full functionality,\u201d the company added.<\/p>\n<p>Salesloft, which acquired Drift in February 2024, has not responded to requests for comment since news of the attacks first surfaced last week. <\/p>\n<p>The company <a href=\"https:\/\/www.salesloft.com\/company\/newsroom\/clari-and-salesloft-announce-merger-agreement\">announced an agreement to merge with Clari<\/a>, a competitor in the customer-relationship management space, one day before the attacks started Aug. 8. In the merger announcement, the combined companies said they will serve more than 5,000 organizations globally across all industries.<\/p>\n<p>The exposure caused by the attacks has cast widespread concern, as customers seek clarity about the unfolding disaster. Salesloft customers are assessing if they were impacted, and then sifting through data to determine the extent to which they or their customers were compromised. <\/p>\n<p>The attacks did not hit every Salesloft Drift customer. Some Salesloft Drift customers, when contacted by CyberScoop, confirmed they were not implicated by the attacks and found no evidence that corporate or customer data was compromised. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Okta said it was not impacted by the incident, but confirmed it was a target based on <a href=\"https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/data-theft-salesforce-instances-via-salesloft-drift\">indicators of compromise<\/a> Google Threat Intelligence Group shared last week. \u201cThe threat actor attempted to use a compromised token to access our Salesforce instance, but the attack failed because the connection originated from an unauthorized IP address,\u201d the company said in a <a href=\"https:\/\/www.okta.com\/newsroom\/articles\/the-salesloft-incident--a-wake-up-call-for-saas-security-and-ips\/\">blog post<\/a> Tuesday.<\/p>\n<p>Many other businesses were less fortunate.<\/p>\n<p>Sam Curry, chief information security officer at Zscaler, said the company\u2019s Salesloft Drift integration with Salesforce was the point of unauthorized access. The company was using Salesloft Drift integrated with other platforms, but they were not impacted, he added. <\/p>\n<p>Data on a large number of Zscaler\u2019s customers was exposed, including names, business email addresses, job titles, phone numbers, location details, Zscaler product licensing and commercial information, and plain text content from some support cases. <\/p>\n<p>\u201cNo product, service, or infrastructure was affected,\u201d Curry said. \u201cWe are looking to hear from Salesloft Drift and from Salesforce if there are any other findings since this happened in their infrastructure.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Curry said Zscaler was already in the process of ending its relationship with Salesloft Drift for unrelated reasons. <\/p>\n<p>Palo Alto Networks on Tuesday confirmed that it, too, was one of hundreds of organizations impacted by the supply chain attack. The company\u2019s incident response business Unit 42 confirmed the incident was limited to its Salesforce environment, adding that no Palo Alto Networks products or services were impacted. <\/p>\n<p>\u201cMost of the exfiltrated data was business contact information,\u201d a Palo Alto Networks spokesperson told CyberScoop in an email. \u201cHowever, a small number of customers who included sensitive information, such as credentials, in their recent case notes might also have had that data compromised.\u201d<\/p>\n<p>Cloudflare said any information customers shared with the company\u2019s support system \u2014 including logs, tokens or passwords \u2014 should be considered compromised. The company said it found 104 Cloudflare API tokens in the compromised data and, while it found no evidence of abuse, rotated the tokens out of an abundance of caution.<\/p>\n<p>The company also maintained that no Cloudflare services or infrastructure were compromised. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cWe are responsible for the choice of tools we use in support of our business,\u201d a group of Cloudflare security leaders said in a blog post Tuesday. \u201cThis breach has let our customers down. For that, we sincerely apologize.\u201d<\/p>\n<p>Former Salesloft Drift customers were impacted as well. In a blog post announcing some data contained in its Salesforce environment was exposed, SpyCloud said it was previously a customer of Salesloft and Drift, but not currently.<\/p>\n<p>Google previously said the data theft campaign occurred over a <a href=\"https:\/\/cyberscoop.com\/salesforce-salesloft-drift-attack-spree-google\/\">10-day period<\/a> last month, potentially impacting <a href=\"https:\/\/cyberscoop.com\/salesloft-drift-compromise-scope-expands\/\">more than 700 organizations<\/a>.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.0733558178752\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/09\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler-1.jpg?w=640&ssl=1\" alt=\"Matt Kapko\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Matt Kapko<\/h4>\n<p> Matt Kapko is a reporter at CyberScoop. His beat includes cybercrime, ransomware, software defects and vulnerability (mis)management. The lifelong Californian started his journalism career in 2001 with previous stops at Cybersecurity Dive, CIO, SDxCentral and RCR Wireless News. Matt has a degree in journalism and history from Humboldt State University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/salesloft-drift-attacks-cloudflare-palo-alto-networks-zscaler\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Salesloft Drift attacks hit Cloudflare, Palo Alto Networks, Zscaler |<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[235,384,632,282,78,440,3729,281,646,614,4930,715,3099,4899,4900,4931,310,288,4345],"tags":[236,388,633,286,86,444,3731,285,650,619,4932,720,3104,4902,4903,4933,311,294,4348],"class_list":["post-7948","post","type-post","status-publish","format-standard","hentry","category-ai","category-artificial-intelligence-ai","category-cloudflare","category-cybercrime","category-cybersecurity","category-data-breaches","category-google-threat-intelligence-group","category-hacking","category-mandiant","category-okta","category-pagerduty","category-palo-alto-networks","category-salesforce","category-salesloft","category-salesloft-drift","category-spycloud","category-technology","category-threats","category-zscaler","tag-ai","tag-artificial-intelligence-ai","tag-cloudflare","tag-cybercrime","tag-cybersecurity","tag-data-breaches","tag-google-threat-intelligence-group","tag-hacking","tag-mandiant","tag-okta","tag-pagerduty","tag-palo-alto-networks","tag-salesforce","tag-salesloft","tag-salesloft-drift","tag-spycloud","tag-technology","tag-threats","tag-zscaler"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ai\/\" rel=\"category tag\">AI<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/artificial-intelligence-ai\/\" rel=\"category tag\">artificial intelligence (AI)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cloudflare\/\" rel=\"category tag\">Cloudflare<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybercrime\/\" rel=\"category tag\">cybercrime<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/data-breaches\/\" rel=\"category tag\">data breaches<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/google-threat-intelligence-group\/\" rel=\"category tag\">Google Threat Intelligence Group<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/hacking\/\" rel=\"category tag\">hacking<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/mandiant\/\" rel=\"category tag\">Mandiant<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/okta\/\" rel=\"category tag\">okta<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/pagerduty\/\" rel=\"category tag\">PagerDuty<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/palo-alto-networks\/\" rel=\"category tag\">Palo Alto Networks<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/salesforce\/\" rel=\"category tag\">Salesforce<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/salesloft\/\" rel=\"category tag\">Salesloft<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/salesloft-drift\/\" rel=\"category tag\">Salesloft Drift<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/spycloud\/\" rel=\"category tag\">SpyCloud<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/technology\/\" rel=\"category tag\">Technology<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/zscaler\/\" rel=\"category tag\">Zscaler<\/a>","tag_info":"Zscaler","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7948","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7948"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7948\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7948"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7948"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7948"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":7948,"date":"2025-09-02T15:05:52","date_gmt":"2025-09-02T20:05:52","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=85807"},"modified":"2025-09-02T15:05:52","modified_gmt":"2025-09-02T20:05:52","slug":"salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/09\/02\/salesloft-drift-attacks-hit-cloudflare-palo-alto-networks-zscaler\/","title":{"rendered":"Salesloft Drift attacks hit Cloudflare, Palo Alto Networks, Zscaler"},"content":{"rendered":"