Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity
Attackers whose methods line up with the data-extortion group ShinyHunters have spent the past year walking into corporate Salesforce environments without exploiting a single flaw in the platform…
Read the full articleYou might also wanna read

ShinyHunters group exploits OAuth trust, prompting Microsoft security upgrades
The ShinyHunters group targeted Salesforce users by tricking them into authorizing a malicious Salesforce Data Loader application, which the
Microsoft Warns ShinyHunters-Linked Hackers Are Exploiting Salesforce Apps to Steal Enterprise Data
Microsoft warns ShinyHunters-linked hackers abused OAuth, vishing and trusted Salesforce integrations to steal enterprise data and maintain
ShinyHunters Breaches Reveal Shift to Credential-Based Cyberattacks
Breaches tied to ShinyHunters include University of Nottingham, DentaQuest, 7-Eleven, Medtronic, and Wynn Resorts. The activity has been lin
Defending SaaS-based applications against ShinyHunters OAuth abuse
Between mid-2025 and mid-2026, threat actors using tradecraft associated with ShinyHunters targeted customer SaaS applications, particularly
Defending SaaS-based applications against ShinyHunters OAuth abuse
Microsoft Threat Intelligence has identified activity by the threat actor ShinyHunters involving abuse of OAuth in SaaS-based applications.
Google Confirms Data Breach in Salesforce CRM Theft Campaign by ShinyHunters
Google is the latest company to suffer a data breach in an ongoing wave of Salesforce CRM data theft attacks conducted by the ShinyHunters e

Comments
Sign in to join the conversation.
No comments yet. Be the first.