Salesforce Customers Fall Victim as ShinyHunters and Scattered Spider Join Forces

Joseph K
Aug 15, 2025
1 min read

A coordinated social engineering campaign targeting Salesforce customers has exposed critical vulnerabilities in how enterprises secure their SaaS environments, demonstrating that authenticated users can become the most effective attack vector when manipulated by sophisticated threat actors.

The campaign, executed through an apparent collaboration between the established data extortion group ShinyHunters and social engineering specialists Scattered Spider (also known as UNC3944), has compromised dozens of high-profile organizations including Google, Cisco, LVMH brands, and Qantas. The attackers gained access to customer relationship management data by exploiting OAuth-based authorization for Salesforce Connected Apps through meticulously planned voice phishing attacks.

https://salesforcedevops.net/index.php/2025/08/17/salesforce-customers-fall-victim-as-shinyhunters-and-scattered-spider-join-forces/

Salesforce Customers Fall Victim as ShinyHunters and Scattered Spider Join Forces

Comments

Recent Posts

AWS PartnerCast Highlights How Treehouse Software Replicates Mainframe Data to AWS Without Disruption

NBCUniversal, AWS, Adobe, and WPP Leaders Weigh AI Ad Innovation and IP Protection at CES

AUMOVIO and AWS Partner to Accelerate Safer, Scalable Autonomous Driving Development

AWS Introduces New Well-Architected Lens for Data Residency and Hybrid Cloud Compliance

GDIT Named AWS Global Defense Consulting Partner of the Year for Tactical Edge AI Innovation

Get In Touch

Headquarters

Seoul Office