CSOonline

Extortion gang opens data leak site to squeeze victims of its Salesforce attacks

The Scattered Lapsus$ Hunters gang, which says it has stolen data from the Salesforce instances of dozens of international companies in recent months, upped its extortion game today by listing their ...
Bleeping Computer

ShinyHunters claims ongoing Salesforce Aura data theft attacks

Salesforce is warning customers that hackers are targeting websites with misconfigured Experience Cloud platforms that give guest users access to more data than intended. However, the ShinyHunters ...
Dark Reading

'Overly Permissive' Salesforce Cloud Configs in the Crosshairs

Threat actors are exploiting "customers' overly permissive" Salesforce Experience Cloud guest user configurations to steal sensitive data, Salesforce Security said in a March 7 blog post. Salesforce ...
Dark Reading

Salesforce AI Agents Forced to Leak Sensitive Data

Salesforce Web forms can be manipulated by the company's "Agentforce" autonomous agent into exfiltrating customer relationship management (CRM) data — a concerning development as legacy ...
Bleeping Computer

Salesforce investigates customer data theft via Gainsight breach

Salesforce says it revoked refresh tokens linked to Gainsight-published applications while investigating a new wave of data theft attacks targeting customers. The cloud-based software company noted ...
TechSpot

Hackers compile personal data on 22,000 US officials using stolen Salesforce records

What we know so far: A hacking collective responsible for leaking personal data on hundreds of federal officials last week has reportedly amassed private records on tens of thousands more, according ...