ShinyHunters claims ongoing Salesforce Aura data theft attacks

Joseph K
3 hours ago
1 min read

Salesforce is warning customers that hackers are targeting websites with misconfigured Experience Cloud platforms that give guest users access to more data than intended. However, the ShinyHunters extortion gang claims to be actively exploiting a new bug to steal data from instances.

Salesforce has shared guidance for its customers to defend against hackers actively targeting the /s/sfsites/aura API endpoint on misconfigured Experience Cloud instances that gives guest users access to more data than intended.

https://www.bleepingcomputer.com/news/security/shinyhunters-claims-ongoing-salesforce-aura-data-theft-attacks/

ShinyHunters claims ongoing Salesforce Aura data theft attacks

Comments

Recent Posts

Salesforce Partners With HealthEx, Verily And Viz.ai To Build Out Healthcare AI Agents

ShinyHunters claims ongoing Salesforce Aura data theft attacks

Salesforce's AI Strategy: A Counterpoint to Job Displacement Fears

Salesforce and HubSpot reshape partner programs for the AI era

Salesforce Expands Agentforce With Formula 1 Partnership And Finance Shift

Get In Touch

Headquarters

Seoul Office