News

Salesforce changes Slack API terms to block bulk data access for LLMs
Salesforce’s Slack platform has changed its API terms of service to stop organizations from using Large Language Models (LLMs ...
The Hacker News3d
Researchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry Cloud
Salesforce Industry Cloud has 20+ config risks exposing sensitive data; customers must fix most issues to avoid compliance ...
Salesforce tags 5 CVEs after SaaS security probe uncovers misconfig risks
Salesforce has assigned five CVE identifiers following a security report that uncovered more than 20 configuration weaknesses ...
Enterprises Trust Flosum for Salesforce Data Protection and Compliance Leadership
Flosum reaffirms market leadership in Salesforce data protection with its top-rated Backup and Archive solution.
Security Boulevard3d
New Research on Salesforce Industry Clouds: 0-days, Insecure Defaults, and Exploitable Misconfigurations
AppOmni’s latest research reveals 20+ OmniStudio security flaws, including 5 CVEs affecting Salesforce industry clouds. Learn ...
Security Boulevard3d
Low-Code, High Stakes: Why Security Can’t Be an Afterthought for Customers Using Salesforce Industry Clouds
New research reveals critical security flaws in Salesforce industry clouds. Discover the risks and how to protect your organization now. The post Low-Code, High Stakes: Why Security Can’t Be an ...
Infosecurity Magazine2d
Researcher Finds Five Zero-Days and 20+ Misconfigurations in Salesforce Cloud
The products affected by the issues are part of the Salesforce OmniStudio suite, including FlexCards and Data Mappers ...
Google: Hackers target Salesforce accounts in data extortion attacks
Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against ...
AI is a data-breach time bomb, reveals new report
Man—devouring sensitive data across clouds, apps, and copilots. Varonis analyzed 1,000 orgs and found 99% have exposed data ...
The Hacker News8d
Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App
Google-owned Mandiant, in a technical overview of vishing and the social engineering attacks, pointed out the distinct ...
Veza Unveils New NHI Security Product to Tackle the Fastest-Growing Risk in Identity Security in the AI Era
Veza, the identity security company, today announced a significant platform expansion focused on securing Non-Human Identities (NHIs). The new NHI Security product and capabilities deliver visibility, ...