Sans Internet Storm Center Daily Network/cyber Security And Information Security Podcast

pdf-parser: All Streams Didier released a new version of pdf-parser.py. This version fixes a problem with dumping all filtered streams. https://isc.sans.edu/diary/pdf-parser%3A%20All%20Streams/32248 Salesloft Drift Putting OAuth Tokens at Risk OAuth tokens used by Salesloft Drift users to provide access to integrations with Salesforce, Google Workspace, and others have been compromised and heavily abused for additional compromise and large-scale data exfiltration from exposed services. https://cloud.google.com/blog/topics/threat-intelligence/data-theft-salesforce-instances-via-salesloft-drift Velociraptor incident response tool abused for remote access Attackers are using the open source incident response tool Velociraptor to access remote systems in breached networks. Tools like Velocitraptor are ideal for attackers to perform lateral movement. https://news.sophos.com/en-us/2025/08/26/velociraptor-incident-response-tool-abused-for-remote-access/ Default Password in NeuVector (Rancher Desktop) SuSE fixed a