Prompt injection has been leveraged alongside an expired domain to steal Salesforce data in an attack named ForcedLeak.
"The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate Indicators of Compromise (IOCs) associated ...
ForcedLeak flaw in Salesforce Agentforce allows data exfiltration via indirect prompt injection; Salesforce issues patch.
Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organizations' Salesforce ...
Salesforce has patched a vulnerability involving its Agentforce agentic artificial intelligence tool, discovered by ...
Salesforce is facing a possible class action lawsuit from almost two dozen plaintiffs who say the SaaS giant should have had better security around its platform, even though a spate of high-profile ...
Do you use Salesforce at your business? If so, then you'll want to watch out for a new phishing attack in which hackers aim to steal your Salesforce data. In a blog post published Wednesday, Google's ...
In an active campaign, a financially motivated threat actor is voice phishing (Vishing) Salesforce customers to compromise their organizational data and carry out subsequent extortion. Tracked as ...
The attacks linked to a threat group known as ShinyHunters have now compromised Google in addition to numerous other major companies. A wave of data-theft attacks against Salesforce CRM customers has ...