And they abused a Mandiant-developed open source tool in the attacks ShinyHunters told The Register that it has stolen data from about 100 high-profile companies in its latest Salesforce customer data ...

Modified AuraInspector scans misconfigured Salesforce Experience Cloud sites, extracting CRM data and enabling targeted vishing campaigns.

Salesforce is warning customers that hackers are targeting websites with misconfigured Experience Cloud platforms that give ...

Some customers have mishandled guest user configurations otherwise intended to allow third-party access to important — and sensitive — client data.