Salesforce Archives • Daily CyberSecurity

AWS Launches “Amazon Quick” to Bridge the Gap Between Desktop and Cloud Amazon Quick AI assistant

AWS Launches “Amazon Quick” to Bridge the Gap Between Desktop and Cloud

Do Son April 29, 2026

As generative artificial intelligence descends from the nebulous clouds to the tangible desktop, AWS has finally unveiled...

Salesforce Revokes Access Tokens: Gainsight App Breach May Have Exposed Customer Data Salesforce Gainsight Breach AppExchange Security Vishing, Salesforce Attack UNC6040

Salesforce Gainsight Breach AppExchange Security Vishing, Salesforce Attack UNC6040

Salesforce Revokes Access Tokens: Gainsight App Breach May Have Exposed Customer Data

Do Son November 21, 2025

Salesforce has issued an urgent security alert after discovering unusual activity involving Gainsight-published applications connected to its...

Hacker Alliance Demands Ransom: Scattered LAPSUS$ Hunters Claim 1 Billion Records Stolen from Salesforce Salesforce Extortion, Scattered LAPSUS$ Hunters

Salesforce Extortion, Scattered LAPSUS$ Hunters

Hacker Alliance Demands Ransom: Scattered LAPSUS$ Hunters Claim 1 Billion Records Stolen from Salesforce

Do Son October 14, 2025

A newly formed cybercrime consortium known as Scattered Lapsus$ Hunters (SLSH) — also dubbed the “Trinity of...

CVE-2025-9844: Salesforce CLI Installer Vulnerability Could Lead to SYSTEM-Level Compromise Salesforce vulnerability CVE-2025-9844 Salt Typhoon cyberattack

Salesforce vulnerability CVE-2025-9844 Salt Typhoon cyberattack

CVE-2025-9844: Salesforce CLI Installer Vulnerability Could Lead to SYSTEM-Level Compromise

Do Son September 24, 2025

Salesforce has published a security advisory detailing a high-severity flaw in its Salesforce-CLI installer (sf-x64.exe). The vulnerability,...

SolarWinds Issues Advisory on Salesforce Data Breach Linked to Salesloft Drift Serv-U RCE, Authenticated RCE CVE-2024-0692 Salesforce breach

SolarWinds Issues Advisory on Salesforce Data Breach Linked to Salesloft Drift

Do Son September 18, 2025

SolarWinds has issued a security advisory regarding a major Salesforce data breach that exposed sensitive information from...

FBI Alert: Two Cybercriminal Groups Are Actively Compromising Salesforce TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

FBI Alert: Two Cybercriminal Groups Are Actively Compromising Salesforce

Do Son September 15, 2025

The Federal Bureau of Investigation (FBI), in coordination with DHS/CISA, has released a new FLASH Alert (FLASH-20250912-001)...

Salesforce Breach Through Salesloft Drift Hits Google, Cloudflare, and 750 Firms Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Salesforce Breach Through Salesloft Drift Hits Google, Cloudflare, and 750 Firms

Do Son September 9, 2025

Beginning in July 2025, several high-profile companies reported breaches of their Salesforce CRM (Customer Relationship Management) systems,...

Cloudflare Confirms Supply Chain Attack, Customer Support Data Exposed Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare layoffs 2026 AI bot traffic surge Content Signals Policy, AI Content Usage Cloudflare, Certificate Misissuance Salesforce, supply chain attack DDoS attack, Cloudflare Perplexity AI, Web Scraping Pay Per Crawl Cloudflare abuse R2 outage HTTP Cloudflare Blocking

Cloudflare Confirms Supply Chain Attack, Customer Support Data Exposed

Do Son September 3, 2025

Renowned network services provider Cloudflare has also emerged as a victim in the recent Salesforce CRM attack,...

Data Theft Alert: Salesforce Instances Breached via Third-Party App OAuth Tokens Salesforce data theft

Data Theft Alert: Salesforce Instances Breached via Third-Party App OAuth Tokens

Do Son August 28, 2025

The Google Threat Intelligence Group (GTIG) has issued an urgent advisory on a widespread data theft campaign...

Farmers Insurance Breach: 1.1 Million Customers Exposed in Salesforce Attack Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Farmers Insurance Breach: 1.1 Million Customers Exposed in Salesforce Attack

Do Son August 27, 2025

Recently, there has been a surge in attacks targeting customer relationship management (CRM) systems, particularly Salesforce. Even...

CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks Tableau Vulnerability CVE-2025-26496

CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks

Do Son August 25, 2025

Salesforce Security has announced the resolution of multiple vulnerabilities in Tableau Server, identified during a proactive security...

Google Admits Salesforce Breach, Joins Chanel & Allianz on ShinyHunters Victim List

Do Son August 7, 2025

A recent surge of persistent attacks targeting Salesforce CRM customer management systems has emerged—not due to vulnerabilities...

RCE, SSRF & Data Exposure: Salesforce Patches 8 Serious Flaws in Tableau Server Tableau Server Vulnerabilities, Remote Code Execution

RCE, SSRF & Data Exposure: Salesforce Patches 8 Serious Flaws in Tableau Server

Do Son July 28, 2025

Salesforce has released a security advisory addressing eight serious vulnerabilities affecting multiple versions of Tableau Server, the...

Salesforce OmniStudio Flaws Expose Encrypted Data Salesforce, OmniStudio

Salesforce OmniStudio Flaws Expose Encrypted Data

Do Son June 11, 2025

Security research partner AppOmni disclosed five critical vulnerabilities in Salesforce’s powerful OmniStudio platform that could expose encrypted...

UNC6040 Threat Actor Exploits Salesforce via Vishing and Malicious Data Loader Apps Salesforce Gainsight Breach AppExchange Security Vishing, Salesforce Attack UNC6040

UNC6040 Threat Actor Exploits Salesforce via Vishing and Malicious Data Loader Apps

Do Son June 6, 2025

Google Threat Intelligence Group (GTIG) has sounded the alarm on UNC6040, a financially motivated threat cluster waging...

Critical Alert 1 Active Exploit Detected Today