// Editor's picks
What's worth a look.
A short, hand-picked list of the threads, threat actors and incidents the site's editor thinks defenders should be paying attention to right now. Not driven by analytics, not auto-generated — picked by a human who reads the post-incident reports for a living.
- SalesLoft Drift OAuth abuse: the supply-chain attack that hit everyone
- Why Scattered Spider keeps winning against major retail brands
- SharePoint ToolShell: the patch was July, the exploits never stopped
- UK financial services: who is actually ready for an M&S-style breach?
- Coupang insider leak: when your contractor is the breach