Attackers whose methods line up with the data-extortion group ShinyHunters have spent the past year walking into corporate Salesforce environments without exploiting a single flaw in the platform.
The way in has been the trust the organization had already extended, usually through the OAuth connections that tie Salesforce to the apps and third-party vendors around it.
In
Source: TheHackerNews
Source Link: https://thehackernews.com/2026/07/microsoft-maps-year-long-shinyhunters.html