The operation, attributed to threat cluster UNC6040, leverages modified versions of Salesforce’s Data Loader and malicious connected apps to compromise organisations—without exploiting any ...

Google’s Threat Intelligence Group says a vishing threat called UNC6040 has been targeting Salesforce applications with a fake data loader.

Salesforce warned customers of voice phishing, or "vishing," attacks and of hackers abusing malicious, modified versions of Data Loader in a March 2025 blog post.

In an active campaign, a financially motivated threat actor is voice phishing (Vishing) Salesforce customers to compromise their organizational data and carry out subsequent extortion.

Cybercriminals are stealing business Salesforce data with this simple trick - don't fall for it The goal is to steal large amounts of confidential data in an attempt to extort the victims.

A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas has been linked to the ShinyHunters extortion group, which has been using voice phishing attacks to steal ...

Google has confirmed that a recently disclosed data breach of one of its Salesforce CRM instances involved the information of potential Google Ads customers.

A new Google Cloud Threat Intelligence report has revealed a sophisticated vishing campaign targeting Salesforce environments, enabling large-scale data theft and extortion. The operation ...

Salesforce warned customers of voice phishing, or "vishing," attacks and of hackers abusing malicious, modified versions of Data Loader in a March 2025 blog post.