ShinyHunters is a notorious cybercrime group that has resurfaced with a new playbook of SaaS-focused attacks. Known for monetizing stolen data on underground forums since 2020, ShinyHunters has ...

Hackers posed as Salesforce IT staff, using vishing to trick employees into installing malicious software for data theft and extortion.

Salesforce warned customers of voice phishing, or "vishing," attacks and of hackers abusing malicious, modified versions of Data Loader in a March 2025 blog post.

It clarified that the malicious version of the Data Loader is not authorised by Salesforce. "In all observed cases, attackers relied on manipulating end users, not exploiting any vulnerability ...

Google’s Threat Intelligence Group says a vishing threat called UNC6040 has been targeting Salesforce applications with a fake data loader.

Computer Weekly gets under the skin of an ongoing wave of ShinyHunters cyber attacks orchestrated via social engineering against Salesforce users.

In an active campaign, a financially motivated threat actor is voice phishing (Vishing) Salesforce customers to compromise their organizational data and carry out subsequent extortion.

Google confirms data breach after cyberattack on Salesforce database: What's leaked Google confirmed a brief compromise of its Salesforce system by cybercriminal group UNC6040, which used vishing ...