The Hacker News

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

Modified AuraInspector scans misconfigured Salesforce Experience Cloud sites, extracting CRM data and enabling targeted ...

ShinyHunters claims ongoing Salesforce Aura data theft attacks

Salesforce is warning customers that hackers are targeting websites with misconfigured Experience Cloud platforms that give ...
Dark Reading

'Overly Permissive' Salesforce Cloud Configs in the Crosshairs

Some customers have mishandled guest user configurations otherwise intended to allow third-party access to important — and sensitive — client data.
Computer Weekly

Salesforce tracks possible ShinyHunters campaign targeting its users

Salesforce warned users of an uptick in malicious activity targeting Experience Cloud customers with misconfigured user settings via an open source tool.