< BACK TO NEWS
importantSYS.SOURCE: The Hacker News2026-07-14T11:49:24+05:30

Microsoft Identifies Three Attack Vectors Linked to ShinyHunters in Year-Long Salesforce Data Theft Campaign

Microsoft identified three attack vectors used by ShinyHunters to exfiltrate Salesforce data over a year, leveraging OAuth trust relationships, stolen tokens from vendors, and misconfigured guest access. The collaboration with Salesforce introduced enhanced detection capabilities through Defender for Cloud Apps and real-time event monitoring.

Attackers whose methods line up with the data-extortion group ShinyHunters have spent the past year walking into corporate Salesforce environments without exploiting a single flaw in the platform.

The way in has been the trust the organization had already extended, usually through the OAuth connections that tie Salesforce to the apps and third-party vendors around it.

In 

Read original article

*** END OF TRANSMISSION ***