New Hak5 Video Discusses Major Cybersecurity Issues

In this new video from the @hak5 channel, Ally Diamond discusses several crucial topics in cybersecurity, including a major vulnerability involving Salesforce and the rapid evolution of AI-powered ransomware.

The first topic covered is a recent security breach involving Salesforce and its integration with Salesloft Drift. Unlike previous attacks using social engineering, this time the attackers used compromised OAuth tokens to access messaging integrations. This vulnerability, attributed to the group UNC6395, is not limited to Salesforce and Salesloft Drift but also affects other integrations. Experts from Obsidian Security describe this breach as the biggest SaaS breach of 2025, highlighting that it is ten times more damaging than traditional credential-based breaches.

Another crucial point in the video is the discovery of an AI-powered ransomware named PromptLock. Although not yet used in practical attacks, this malware has the capability to exfiltrate and encrypt data using dynamically generated LUIS scripts powered by AI. Written in Golang, PromptLock exists in both Windows and Linux versions and uses OpenAI's GPT OSS20B model via the OLama API. This discovery coincides with a report from the Anthropic team, which detected cyberattacks using their tools to write and sell ransomware on the darknet. One threat group has even automated the entire ransomware process, from reconnaissance to credit theft, using Anthropic's Claude tool.

Ally Diamond emphasizes that the rapid evolution of AI in cybersecurity is enabling less technically skilled individuals to overcome non-technical barriers and execute cybercrimes faster than ever. She concludes by discussing the importance of investing in better infrastructure and focusing on the basics of security, rather than engaging in costly and potentially counterproductive retaliation.

Finally, Ally shares her Defcon vlog and encourages viewers to watch it to learn more about her experiences and thoughts on the event.

To learn more, watch the full video at the following address: https://www.youtube.com/watch?v=ndgTuk0GVOo