
EPISODE · Sep 8, 2025 · 38 MIN

700+ Companies Hit by SalesLoft Drift Hack, Are You At Risk?

from The Awareness Angle: Security Awareness and Human Risk · host Risky Creative - Cyber Security for Humans

This week on The Awareness Angle, Anthony Davis and Luke Pettigrew celebrate the 50th episode with community shoutouts, fresh awareness content, and a packed lineup of security stories. From password manager flaws to the first AI-powered ransomware. Whether it’s car dealerships grinding to a halt or deepfakes making truth harder to pin down, this one’s about the evolving risks, and the practical takeaways that matter most.

🎉 50th Episode & Community Updates – We mark the milestone with a shoutout to Liam, our first official member, plus new merch, Discord updates, and free Hoxhunt awareness videos on AI phishing, deepfakes, and messaging scams.

Get the Cybersecurity Awareness Month videos here! https://riskycreative.com/en-gbp/pages/cybersecurity-awareness-month

🔑 Password Manager Autofill Flaw – A clickjacking bug in major tools (1Password, Bitwarden, LastPass, NordPass, ProtonPass) lets hidden fields steal your credentials. We explain why you shouldn’t ditch password managers—but why autofill and MFA settings matter more than ever.

🤖 The First AI Ransomware – “PromptLock” uses a local AI model (gpt-oss-20b) to generate its own malicious code on demand. Lightweight, cross-platform, and harder to detect—it’s a glimpse of where AI-driven attacks are heading.

🚗 Jaguar Land Rover Breach – Registrations halted, staff sent home, and Scattered Spider linked to an exploit of SAP NetWeaver. With hackers claiming stolen data but JLR insisting otherwise, we also warn about opportunistic “compensation scam” ads targeting worried customers.

💬 SalesLoft/Drift Breach – Stolen authentication tokens exposed Salesforce integrations at companies like Google, Palo Alto, and Zscaler. We break down what UNC6395 pulled off, why SaaS “shiny tools” can be risky, and the urgent need for token hygiene.

📧 Phishing Campaigns That Work – From “lost puppy” photos to cider raffles and free pizza, Reddit’s favourite phish templates spark a debate: are tricksy simulations effective, or should awareness always tie back to real workplace processes?

🎭 Deepfakes & Denial – Joe Rogan fooled by a fake video, Trump dismissing real footage as AI. We explore the new problem of “liar’s dividend”—where fakes make truth itself harder to defend.

🖼️ Hidden Gemini Prompts in Images – Malicious instructions embedded in pictures, not just text. We ask: when AI gets conflicting commands, what wins? Policies and training will need to catch up fast.

This week’s major cyber headlines, decoded into useful takeaways—and sprinkled with moments that make you raise an eyebrow.

🕒 Timestamps

00:00 — Introduction & Milestone Celebration
02:57 — Cybersecurity Awareness & Community Engagement
06:00 — Password Manager Vulnerabilities
09:00 — AI Ransomware & the Rise of AI in Cybersecurity
12:01 — Cyber Attacks on Major Corporations
17:20 — Reflections on Cybersecurity Trends
18:37 — Compensation Claims & Data Breaches
22:26 — SalesLoft Drift Breach: Implications & Insights
27:17 — Cyber Awareness & Phishing Campaigns
32:31 — AI, Misinformation & Media Risks
37:41 — Emerging Cybersecurity Threats

📩 For links, videos, and the newsletter – head to riskycreative.com

💬 Check Out This Episode's Discussion Points

📧 [email protected]

🔗 riskycreative.com

🎵 Our Intro & Outro Song (© 16! by falling forever)

License: https://creativecommons.org/licenses/by/4.0


