Google has confirmed a data breach involving one of its Salesforce databases, compromised in June 2025 by the hacking group ...

Per the Google Threat Intelligence Group report, the cybercrooks deployed a technique called ‘Vishing’ which is essentially ...

How the threat actor, tracked as UNC (uncategorised) 6395, obtained the OAuth tokens from Salesloft to exfiltrate data from customer Salesforce instances wasn't detailed. Saleslof ...

Notably, the group behind the attack, UNC6040, is known for targeting Salesforce platforms by abusing tools like the “Data Loader” app, a legitimate application that allows bulk data handling ...

Hackers posed as Salesforce IT staff, using vishing to trick employees into installing malicious software for data theft and extortion.

Salesforce warned customers of voice phishing, or "vishing," attacks and of hackers abusing malicious, modified versions of Data Loader in a March 2025 blog post.

ShinyHunters is a notorious cybercrime group that has resurfaced with a new playbook of SaaS-focused attacks. Known for monetizing stolen data on underground forums since 2020, ShinyHunters has ...

A spokesperson from Salesforce also told Reuters that the vishing campaigns are "targeted social engineering scams designed to exploit gaps in individual users' cybersecurity awareness and best ...

Salesforce warned customers of voice phishing, or "vishing," attacks and of hackers abusing malicious, modified versions of Data Loader in a March 2025 blog post.