Home / Jul 15, 2026 / Story
0
#6 The Hacker News general July 14, 2026 at 06:19 UTC

Microsoft Maps Year-Long ShinyHunters-Linked Salesforce Data Theft Across Three Paths

By [email protected] (The Hacker News)

AI Summary

Microsoft has mapped a year-long Salesforce data theft campaign by actors whose TTPs align with ShinyHunters, conducted entirely through abuse of OAuth trust relationships rather than Salesforce platform vulnerabilities. Attackers exploited OAuth connections between Salesforce and third-party integrations across three distinct attack paths, allowing persistent access to corporate data without triggering platform-level alerts. This highlights the risk of implicit trust granted to OAuth-connected third-party applications in enterprise SaaS environments.

Relevance score: 84.0/100

# More from July 15