ShinyHunters Hackers Abuse Salesforce OAuth to Bypass MFA and Exfiltrate CRM Data

A series of high-impact campaigns linked by overlapping tradecraft to ShinyHunters, in which attackers abused trusted Salesforce OAuth relationships to bypass conventional MFA protections, establish persistence, and exfiltrate CRM data at scale. The activity, observed from mid-202520252025 through mid-202620262026, affected organizations in retail, education, and manufacturing. Microsoft emphasized that the campaigns did not exploit an […]

The post ShinyHunters Hackers Abuse Salesforce OAuth to Bypass MFA and Exfiltrate CRM Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Read the original article: