Monday , July 13 2026
Elastic

Elastic Security Incident : Hackers Accessed Email Account Contains Valid Credentials

Elastic reported a security incident caused by a breach at Salesloft Drift, leading to unauthorized access to an internal email account with valid credentials. The company’s main Salesforce system was unaffected, but the incident revealed sensitive information in a few emails.

Salesloft Drift reported a security incident affecting its platform on August 26, 2025. A subsequent in-depth report from Google’s Threat Intelligence Group detailed the threat actor’s activities related to the breach.

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh. In an advisory CIRT said, the campaign has been observed globally,...
Read More
CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

Elastic activated its incident response protocols to proactively investigate any possible impact on customers using Drift for business applications. Elastic’s security team started an investigation to see if any company or customer data was exposed, even though they weren’t directly notified of being affected.

Scope Of The Impact:

Elastic’s investigation confirmed that its Salesforce environment was not compromised. However, the team discovered that a single email account had been exposed through the “Drift Email” integration. Unauthorized access might have allowed someone to only read emails in that inbox. Security personnel found a few emails in the inbox containing potentially valid credentials.

Elastic informed potentially affected customers via their support channels. The company said that customers who didn’t get a direct notification were not affected by the credential leak. After the Drift incident, Elastic’s Information Security team quickly acted to control the threat and evaluate the damage.

The team conducted a thorough investigation, analyzing access logs, network activity, and system settings to gauge the data exposure. The first crucial action was to disable all Drift integrations in Elastic’s environment to prevent further risk from the compromised third-party platform.

The team checked open-source intelligence for Indicators of Compromise (IOCs) and worked with Drift’s security team for more information. Elastic is committed to transparency and protecting customer data, and is actively monitoring for updates on the situation.

Check Also

Apple

New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide

Researchers at cybersecurity firm Paradigm Shift found a new flaw called usbliter8. This flaw can …