7-Eleven confirmed a breach after ShinyHunters claimed theft of over 600,000 Salesforce records and franchisee data. 7-Eleven has confirmed a data breach after the ShinyHunters hacking group claimed it stole more than 600,000 Salesforce records containing personal and corporate information. “Over 600k Salesforce records containing PII and other internal corporate data have been compromised.” The…
Tag: Salesforce
Data Breaches, Global Security News
ShinyHunters Leaks Data of Udemy, Zara, 7-Eleven in Salesforce Linked Breach
ShinyHunters leaks data of Udemy, Zara, 7-Eleven, exposing Salesforce records, PII, and cloud-linked breaches across multiple targets.
AI, Global Security News
Salesforce and Google Cloud Enable AI Agents to Act Across Both Platforms with Deep Context and End-to-End Workflows
Google Cloud and Salesforce today announced an expanded partnership that will enable AI agents to execute end-to-end workflows across both platforms by solving the long-standing challenge of fragmented data and disconnected systems.
AI, Compliance, Global Security News, Network Security
Salesforce Creates FDE Partner Network for Agentforce
Salesforce is zeroing in on a familiar sticking point with enterprise AI. Getting something to work in a pilot is one thing; getting it to run smoothly in production, with the messiness of real systems and data, is where things tend to fall apart. The company this week introduced a Forward Deployed Engineering (FDE) Partner…
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
McGraw-Hill Confirms Data Exposure Tied to Salesforce Issue
McGraw-Hill has confirmed unauthorized access to a limited set of internal data following a reported Salesforce misconfiguration. The disclosure comes after an extortion threat that raised questions about the scale and sensitivity of the incident. “ShinyHunters has no shortage of options for potential follow-up campaigns. They can target instructors with convincingly branded messages, pivot into…
Global Security News
Microsoft, Salesforce Patch AI Agent Data Leak Flaws
Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker to leak sensitive data.
Exploits, Global Security News
McGraw-Hill confirms data breach following extortion threat
Education company McGraw-Hill has confirmed in a statement to BleepingComputer that hackers exploited a Salesforce misconfiguration and accessed its internal data. […]
AI, Global Security News
ShinyHunters Hackers Claim Theft of 3M+ Cisco Records, Threaten Public Leak
ShinyHunters hackers claim they stole 3 million+ Cisco records via Salesforce and AWS, warning of a public leak if demands are not met by April 3, 2026.
AI, Global Security News
Informatica Expands Microsoft Collaboration with Open Mirroring Support for Microsoft Fabric and Geographic Expansion for Microsoft Azure Point-of-Delivery
COMPANY ANNOUNCEMENT: Informatica from Salesforce, a leader in AI-powered enterprise cloud data management, today announced deeper integration with Microsoft at the Microsoft Fabric Community Conference in Atlanta. The announcement includes general availability of support for Informatica Intelligent Data Management Cloud (IDMC) for Microsoft Fabric Open Mirroring, as well as the launch of a new Microsoft Azure-based IDMC point-of-delivery…
AI, Global Security News
Agentforce for Small Business is Now Built Into Salesforce Suites
Small businesses can put AI to work directly inside Salesforce Suites, now powered by Agentforce, turning customer data and context into action across every team.
AI, Data Breaches, Global Security News
ShinyHunters claims new campaign targeting Salesforce Experience Cloud sites
Salesforce customers have, once again, been targeted by the ShinyHunters group – or, at least, it’s what the group claims. Attackers modified and abused benign tool On Saturday, Saleforce confirmed that its security team has identified an attack campaign by unnamed malicious actors looking to access customers’ data. The attackers are not leveraging a vulnerability…
AI, Apps, Data Breaches, Global Security News, Risk Management
Salesforce issues new security alert tied to third customer attack spree in six months
Threat hunters and a collection of unconfirmed victims are responding to a series of attacks targeting Salesforce customers, which the vendor disclosed in a security advisory Saturday. “Salesforce is actively monitoring threat activity targeting public-facing Experience Cloud sites, including attempts to take advantage of overly permissive guest user configurations,” the company said in the alert.…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management
Overly permissive ‘guest’ settings put Salesforce customers at risk
Salesforce is urging its customers to review their Experience Cloud ‘guest’ configurations as cybercrime group ShinyHunters claims a new campaign involving data theft and extortion tied to exposed Salesforce environments. The group recently posted screenshots on its leak site claiming breaches of “several hundreds” of organizations, including around 400 websites and roughly 100 “high profile…
AI, Global Security News
ShinyHunters Hackers Threaten 400 Firms Over Stolen Salesforce Data
ShinyHunters claims to have stolen data from 400 firms via Salesforce portals and is threatening to leak the information unless ransom demands are paid.
AI, Global Security News
Salesforce Introduces Agentic Contact Center for AI, Channels, and CRM
Salesforce has unveiled the new Agentforce Contact Center, a contact center solution to unify voice, digital channels, CRM data, and AI agents into a single system. Salesforce promises customer self-service and AI-human handoff at scale The new solution enables customer self-service at scale, seamless AI-to-human handoffs, and real-time visibility across interactions. The solution is built…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Risk Management
Threat actors use custom AuraInspector to harvest data from Salesforce systems
Attackers are mass-scanning Salesforce Experience Cloud sites using a modified AuraInspector tool to exploit misconfigurations and access sensitive data. Salesforce CSOC warns that threat actors are mass-scanning publicly accessible Experience Cloud sites using a modified version of the AuraInspector tool. AuraInspector is an open‑source command‑line tool released by Google/Mandiant to audit Salesforce Aura and Experience…
AI, Exploits, Global Security News
Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool
Salesforce has warned of an increase in threat actor activity that’s aimed at exploiting misconfigurations in publicly accessible Experience Cloud sites by making use of a customized version of an open-source tool called AuraInspector. The activity, per the company, involves the exploitation of customers’ overly permissive Experience Cloud guest user configurations to obtain access to…
AI, Exploits, Global Security News
ShinyHunters claims ongoing Salesforce Aura data theft attacks
Salesforce is warning customers that hackers are targeting websites with misconfigured Experience Cloud platforms that give guest users access to more data than intended. However, the ShinyHunters extortion gang claims to be actively exploiting a new bug to steal data from instances. […]
AI, Global Security News, Risk Management
Salesforce Revamps Consulting Partner Track for Agentic Era
Salesforce is overhauling its Consulting Track partner program, shifting from traditional implementation metrics to a results-driven model designed to support what it calls the “Agentic Enterprise” era. The company said the program update is intended to reward partners based on verifiable customer outcomes rather than legacy scorecards and administrative benchmarks. With partners already leading 70%…