The Hacker News

WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor

WIRTE expands AshTag espionage operations, using phishing & DLL sideloading to target Middle East govts with persistent ...

Ransomware gangs turn to Shanya EXE packer to hide EDR killers

Several ransomware groups have been spotted using a packer-as-a-service (PaaS) platform named Shanya to assist in EDR ...

Salesforce Raises Annual Forecasts as AI Software Adoption Picks up Steam

In October, Salesforce forecast revenue of more than $60 billion in 2030, above market estimates, as it works to expand ...

ShinyHunters, Salesloft Drift And The Case For Dynamic SaaS Security

With attackers exploiting trust in apps, integrations and users to gain access that looks legitimate, organizations must rethink their approach beyond traditional tools.
TechCrunch

Google says hackers stole data from 200 companies following Gainsight breach

Google has confirmed that hackers have stolen the Salesforce-stored data of more than 200 companies in a large-scale supply chain hack. On Thursday, Salesforce disclosed a breach of “certain customers ...
Business Times

Salesforce says customer data possibly exposed following incident

[WASHINGTON] Salesforce said on Thursday (Nov 20) that it is investigating “unusual activity” involving Gainsight-published applications that may have exposed customer data. In a brief statement ...
TechRadar

Salesforce says customer data may be exposed in Gainsight incident - "unusual activity" being probed

Gainsight apps enabled unauthorized Salesforce data access, prompting token revocation and AppExchange removal Incident linked to August 2025 Salesloft breach, where OAuth tokens exposed 1.5 billion ...
SecurityWeek

Salesforce Instances Hacked via Gainsight Integrations

The ShinyHunters hacking group has launched a new data theft campaign against Salesforce customers, exploiting Gainsight integrations to access their instances. Immediately after discovering the ...
The Hacker News

Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity

Salesforce has warned of detected "unusual activity" related to Gainsight-published applications connected to the platform. "Our investigation indicates this activity may have enabled unauthorized ...
PC Magazine

Hackers Claim New Mega Breach As Salesforce Investigates Data Thefts

A cybercriminal gang claims to have stolen data from dozens, if not hundreds, of companies after IT provider Salesforce confirmed a potential intrusion targeting customers. The group, Scattered ...
TechCrunch

Salesforce says some of its customers’ data was accessed after Gainsight breach

Salesforce said on Wednesday that it’s investigating a breach of “certain customers’ Salesforce data” that was compromised through apps published by Gainsight, a company that sells a platform for ...
Bleeping Computer

Salesforce investigates customer data theft via Gainsight breach

Salesforce says it revoked refresh tokens linked to Gainsight-published applications while investigating a new wave of data theft attacks targeting customers. The cloud-based software company noted ...