Three Buddy Problem - Episode 61: We cover a pair of software supply chain breaches (Salesforce Salesloft Drift and NPM/GitHub) that raises big questions about SaaS integrations and the ripple effects across major security vendors.

Plus, Apple’s new Memory Integrity Enforcement in iPhone 17 and discussion on commercial spyware infections and the value of Apple notifications; concerns around Chinese hardware and surveillance equipment in US infrastructure; Silicon Valley profiting from China’s surveillance ecosystem; and controversy around a Huntress disclosure of an attacker’s operations after an EDR agent was mistakenly installed.

Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

Links:

• Transcript (unedited, AI-generated)
• Salesforce advisory on Salesloft Drift hack
• Salesloft Drift Breach Tracker
• Mandiant Drift and Salesloft Application Investigations
• Widespread Data Theft Targets Salesforce Instances via Salesloft Drift
• Large-Scale NPM Attack
• NPM attack failed, with almost no victims
• Chinese Hackers Pretended to Be a Top U.S. Lawmaker
• Czech cyber agency warns against using services and products that send data to China
• Apple Debuts Memory Integrity Enforcement (MIE)
• Huntress: An Attacker’s Blunder Gave Us a Look Into Their Operations
• LABScon 2025 Agenda